Tweet
Hello,
as I don't receive any reply from Jose Alberto Ros Nieto (http://www.hamradioweb.org/forums/showthread.php?t=7417) , i publish the concept of the vulnerability, reserving to explain the PoC (Proof of Concept) later. Anyway, anyone that read careful the manual and the software feature can understand how to replicate the vulnerability.
The software have a vulnerability that permit to an anonymous user via a radio trasmission to flood a target email with unsolicited messages.
Please note that the vulnerability is on the software and not on the digital mode itself.
The intrinsec anonymity of any kind of radio emission, because most (all? ) of us are unable to trace it in a relatively short slot of time with everyday tools, make possible for the author of the flood to remain anonymous.
The only persons responsible of the flood, from an ISP point of view, are all the people that , acting as a relay from the radio side to the internet side, are sending mails without any control about the final recipient !!!
Some tests carry out an attainable rate of about 50 mails per minute, depends by stations on air and HF propagation.
At present time, all the people that have email parameters configured on current and pasts ROS version are vulnerable.
Workaround: disable e-mail SMTP out parameters.
73,
Cristiano IZ0IEN
as I don't receive any reply from Jose Alberto Ros Nieto (http://www.hamradioweb.org/forums/showthread.php?t=7417) , i publish the concept of the vulnerability, reserving to explain the PoC (Proof of Concept) later. Anyway, anyone that read careful the manual and the software feature can understand how to replicate the vulnerability.
The software have a vulnerability that permit to an anonymous user via a radio trasmission to flood a target email with unsolicited messages.
Please note that the vulnerability is on the software and not on the digital mode itself.
The intrinsec anonymity of any kind of radio emission, because most (all? ) of us are unable to trace it in a relatively short slot of time with everyday tools, make possible for the author of the flood to remain anonymous.
The only persons responsible of the flood, from an ISP point of view, are all the people that , acting as a relay from the radio side to the internet side, are sending mails without any control about the final recipient !!!
Some tests carry out an attainable rate of about 50 mails per minute, depends by stations on air and HF propagation.
At present time, all the people that have email parameters configured on current and pasts ROS version are vulnerable.
Workaround: disable e-mail SMTP out parameters.
73,
Cristiano IZ0IEN
)
Commenta