| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060203112039.392.qmail@securityfocus.com> Date: 3 Feb 2006 11:20:39 -0000 From: mark@...il.com To: bugtraq@...urityfocus.com Subject: IronMail-5.0.1-Denial of-Service-Protection-Lets-Remote-Users-Deny-Service IronMail 5.0.1 Denial of Service Protection Lets Remote Users Deny Service Date ==== November 29, 2005 – Research and Testing Junary 10, 2006 – Update Release Vulnerability ============= SYN attack Denial of Service (Flood Connections) Severity ======== High Affect Products =============== IronMail <= 5.0.1 Local/ Remote ============= Remote Vendor Status ============= Not response yet Reference about the product =========================== http://www.ciphertrust.com/products/cclass/ Credit ====== Alex Hernandez, (Bug Hunter) Mark Ludwik, (Researcher) Contact ======= Mark Ludwick [at] d-fender.com Description =========== The IronMail C-class is designed to handle the email traffic of the most demanding email environments in the world, including ISPs and multinational corporations with several geographically dispersed gateways. Vulnerability Description ========================= A vulnerability was reported in IronMail. A remote user can cause denial of service conditions. If the target IronMail service is configured with "Denial of Service Protection" enabled, then a remote user can generate a TCP SYN flood, sending malformed packets via multiple connections to cause the server to become busy. Proof of Concept ================ You can use hping or perl scripts to created malformed packets and multiple connections. The service remains busy and not blocks the DoS DDoS attacks.
Powered by blists - more mailing lists