From owner-freebsd-security Wed Apr 14 10:25:24 1999 Delivered-To: freebsd-security@freebsd.org Received: from itesec.hsc.fr (itesec.hsc.fr [192.70.106.33]) by hub.freebsd.org (Postfix) with ESMTP id C759E1559F for ; Wed, 14 Apr 1999 10:25:19 -0700 (PDT) (envelope-from Alain.Thivillon@hsc.fr) Received: from yoko.hsc.fr (yoko.hsc.fr [192.70.106.76]) by itesec.hsc.fr (Postfix) with ESMTP id 9CB1510E22; Wed, 14 Apr 1999 19:22:58 +0200 (CEST) Received: by yoko.hsc.fr (Postfix snapshot-19990409, from userid 1001) id 6614F12FCD0; Wed, 14 Apr 1999 19:22:53 +0200 (CEST) Date: Wed, 14 Apr 1999 19:22:53 +0200 From: Alain Thivillon To: "Andy V. Oleynik" Cc: freebsd-security@FreeBSD.ORG Subject: Re: Sendmail up to 8.9.2 vulnerability Message-ID: <19990414192253.D5661@yoko.hsc.fr> References: <3714B71B.5420EB1F@prime.net.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mutt 0.95.1i In-Reply-To: <3714B71B.5420EB1F@prime.net.ua>; from Andy V. Oleynik on Wed, Apr 14, 1999 at 06:41:17PM +0300 X-Organization: Herve Schauer Consultants Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "Andy V. Oleynik" écrivait (wrote) : > What does he mean under "LA"? Load Average. Sendmail eats all processing power during header parsing, if you open 15 simultaneous sessions sending lot of headers, your load average (ie number of runnable processes) will mount as high as 15, then sendmail will refuse new connections (according to RefuseLa parameter, by default 12). > And may be some of U has appropriate patch for subj? Install 8.9.3, who introduces 32K limit for total headers size and breaks connection after that. Symptom is still here, but consequences are more limited. -- Alain Thivillon -+- Alain.Thivillon@hsc.fr -+- Hervé Schauer Consultants Pgp Key ID: 0x57155CC9 AT1718 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message