lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 16 Nov 2007 08:06:37 -0000
From: thetaung@...il.com
To: bugtraq@...urityfocus.com
Subject: Javamail login username and password same email problem

Javamail login username and password same email problem

By Thet Aung Min Latt
Yangon Myanmar 
16 November 2007

1. First logon to examplemail.com
http://examplemail.com/login.jsp
And login with username@...mplemail.com in username and password box.

User name: username@...mplemail.com
Password:username@...mplemail.com

2. It will return unexpected error as follow;

Connecting Please Wait
Open Err:Connect failed; nested exception is: java.net.UnknownHostException: examplemail.com@....3.4(ip) Error occur : null

3. After this error, contineous Refresh (Keep pressing F5 key) and Post DATA yes, and following error occur.
 
com.example.util.dao.DAOException: SQL Exception while getting Connection: org.apache.commons.dbcp.SQLNestedException: Cannot get a connection, pool exhausted, cause: Timeout waiting for idle object

This problem can lead an attack to DOS attack type 

Anyway thanks for reading this article.

Thet Aung Min Latt 
Email: thetaung@...il.com
Web: http://taml.co.nr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ