Re: Simple Mail Server - SMTP Authentication Bypass Vulnerability



Hi,

demonalex@xxxxxxx wrote on 08.01.2012 at 15:10:
Title: Simple Mail Server - SMTP Authentication Bypass Vulnerability

Bug Description :
Simple Mail Server is a tiny Mail Server written in C#. Mail can be sent
without a password by using a usual TCP client (such as telnet).
And it did not have an SMTP authentication controller.

POC (Remarks: domain alex.com and user alex@xxxxxxxx must exist in
configuration for this test case):
telnet 127.0.0.1 25
220 TEST-121F797342 SMTP ready.
EHLO mail_of_alert
500 Not supported. Use HELO
MAIL FROM: <alex@xxxxxxxx>
250 OK
RCPT TO: <alex@xxxxxxxx>
250 OK
Data
354 Start mail input; end with <CRLF>.<CRLF>
From: "alex@xxxxxxxx" <alex@xxxxxxxx>
To: "alex@xxxxxxxx" <alex@xxxxxxxx>
Subject: authenticate is not required!

erm... where's the bug? If the mailer is configured to receive
mail for alex@xxxxxxxx, why should it require SMTP authentication
for incoming mails to that address?

Anyway, SMTP authentication is not a requirement for an MTA, so
the lack of such can hardly be called a bug.


Bye,
Peter
--
Peter Conrad
Tivano Software GmbH
Bahnhofstr. 18
63263 Neu-Isenburg
Tel: 06102 / 8099070
Fax: 06102 / 8099071
HRB 11680, AG Offenbach/Main
Managing Director: Martin Apel
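
An added example, not part of the original message and not Simple Mail Server's code: a sketch of the recipient policy behind the reply above, where unauthenticated mail is accepted for a domain the server hosts. It goes one step beyond the message by also covering relaying to a domain the server does not host, the case where authentication does matter; the function names, reply codes chosen and sample session are assumptions constructed for illustration.

```python
import re

# Assumption for this sketch: the domains this server hosts mailboxes for.
LOCAL_DOMAINS = {"alex.com"}

_RCPT = re.compile(r"^RCPT\s+TO:\s*<([^<>\s]*)>", re.IGNORECASE)


def rcpt_reply(address, authenticated, local_domains=LOCAL_DOMAINS):
    """Return the SMTP reply code for one RCPT TO address."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        return 501  # syntax error in the mailbox
    if domain.lower().rstrip(".") in local_domains:
        return 250  # inbound mail for a hosted domain: no AUTH needed
    if authenticated:
        return 250  # an authenticated client may relay onward
    return 550      # unauthenticated relay to a foreign domain is refused


def evaluate_session(client_lines, authenticated=False):
    """Walk the client side of a session; return [(recipient, code), ...]."""
    results = []
    for line in client_lines:
        m = _RCPT.match(line.strip())
        if m:
            results.append((m.group(1), rcpt_reply(m.group(1), authenticated)))
    return results


# Constructed session: one hosted recipient, one foreign, one malformed.
SAMPLE = [
    "HELO client.example",
    "MAIL FROM: <alex@alex.com>",
    "RCPT TO: <alex@alex.com>",
    "RCPT TO: <someone@example.net>",
    "RCPT TO: <broken-address>",
]

if __name__ == "__main__":
    for rcpt, code in evaluate_session(SAMPLE):
        print(code, rcpt)
```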


