Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

[Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC
From: Albert Sellarès <whats () wekk net>
Date: Tue, 16 Sep 2008 22:20:15 +0200
Hello,

I have released this PoC for the Linux-only local denial of service
caused by the leak of epoll file descriptors.

This Proof of concept creates a pipe and adds it in postfix's epoll file
descriptor.
When the pipe is added, an endless loop will launch lots of events to
the local and master postfix processes. 
This PoC will slowdown the system a lot.

You can find all the needed files at
http://www.wekk.net/research/CVE-2008-4042/ and
http://www.wekk.net/research/CVE-2008-3889/ and attached with this
email.

Feel free to write me for feedback, corrections, etc.

-- 
  Albert Sellarès        GPG id: 0x13053FFE
  http://www.wekk.net    whats_up () jabber org 
  Linux User: 324456     Catalunya

Attachment: CVE-2008-4042-exploit.c
Description:

Attachment: signature.asc
Description: Això és una part d'un missatge, signada digitalment

  By Date           By Thread  

Current thread:
  • [Suspected Spam][CVE-2008-4042] Postfix Linux-only local denial of service - PoC Albert Sellarès (Sep 16)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]