Debian Security Advisory

sendsys -- remote denial of service if using sendsys report mechanism

Date Reported:
28 Aug 1998
Affected Packages:
Security database references:
No other external database security references currently available.
More information:
We have received reports of a new kind of denial of service attack that was disabling INN news systems. Someone sent out tons of sendsys messages with forged "From" addresses. This can cause high load on a news system if it would process the requests.

Debian GNU/Linux is not vulnerable to this when the default setup is kept since such requests are only logged. However, they'll be processed if they come from two well known addresses.

This type of control messages is not needed anymore since the USENET has grown so much and is very reliable. Thus it doesn't hurt to turn this report mechanism off.