| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Jan 2012 13:21:22 +0100 From: Peter Conrad <conrad@...ano.de> To: bugtraq@...urityfocus.com Subject: Re: Simple Mail Server - SMTP Authentication Bypass Vulnerability Hi, demonalex@....com schrieb am 08.01.2012 um 15:10: > Title: Simple Mail Server - SMTP Authentication Bypass Vulnerability > > Bug Description : > Simple Mail Server is a tiny Mail Server written in C#. It can be sent mail without password by using usual tcp client(such as telnet). > And it did not have SMTP authentication contoller. > > POC(Remarks: domain alex.com and user alex@...x.com must be exists in configuration for this test case): > >telnet 127.0.0.1 25 > 220 TEST-121F797342 SMTP ready. > EHLO mail_of_alert > 500 Not supported. Use HELO > MAIL FROM: <alex@...x.com> > 250 OK > RCPT TO: <alex@...x.com> > 250 OK > Data > 354 Start mail input; end with <CRLF>.<CRLF> > From: "alex@...x.com" <alex@...x.com> > To: "alex@...x.com" <alex@...x.com> > Subject: authenticate is not required! erm... where's the bug? If the mailer is configured to receive mail for alex@...x.com, why should it require SMTP authentication for incoming mails to that address? Anyway, SMTP authentication is not a requirement for an MTA, so the lack of such can hardly be called a bug. Bye, Peter -- Peter Conrad Tivano Software GmbH Bahnhofstr. 18 63263 Neu-Isenburg Tel: 06102 / 8099070 Fax: 06102 / 8099071 HRB 11680, AG Offenbach/Main Geschäftsführer: Martin Apel
Powered by blists - more mailing lists