SMTP User Enumeration Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMTP User Enumeration Utility', 'Description' = %q The SMTP service has two internal commands that allow the enumeration of users: VRFY confirmin...

Nmap NSE net: smtp-enum-users

Attempts to enumerate the users on a SMTP server by issuing the VRFY, EXPN or RCPT TO commands. The goal of this script is to discover all the user accounts in the remote system. The script will output the list of user names that were found. The script will stop querying the SMTP server if...

Inetserv 3.23 - SMTP Denial of Service

!/usr/bin/python Exploit Title: Inetserv 3.23 SMTP DoS Date: 1/22/2011 Author: G13 Software Link: http://www.avtronics.net/inetserv.php Version: 3.23 Tested on: WinXP SP0 Eng import socket s = socket.socketsocket.AFINET, socket.SOCKSTREAM buffer = "EXPN " + "%s" 40 + "\r\n" s.connect'127.0.0.1',2...

smtp-enum-users NSE Script

Attempts to enumerate the users on a SMTP server by issuing the VRFY, EXPN or RCPT TO commands. The goal of this script is to discover all the user accounts in the remote system. The script will output the list of user names that were found. The script will stop querying the SMTP server if...

Check if Mailserver answer to VRFY and EXPN requests

The Mailserver on this host answers to VRFY and/or EXPN requests. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

am-utils symbolic links security vulnerability

expn utility unsafe temporary files creation...

MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS

Exploit for unknown platform in category dos / poc ============================================================= MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS ============================================================= !/usr/bin/python MailEnable SMTP Service VRFY/EXPN Command...

MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS

No description provided by source. !/usr/bin/python MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow DoS Bug discovered by Matteo Memelli aka ryujin http://www.gray-world.net http://www.be4mind.com Affected Versions : Standard Edition all versions Professional Edition all versions...

CVE-2008-1275

Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service crash via crafted 1 EXPN or 2 VRFY commands...

PT-2008-1124 · Gentoo Linux · Am-Utils

Name of the Vulnerable Software and Affected Versions: am-utils versions prior to 6.1.5 Description: The issue affects the am-utils package in Gentoo Linux and potentially other distributions, allowing local users to exploit it and compromise the confidentiality, integrity, and availability of...

EXPN Command Information Disclosure

Binary data 2023.prm...

CVE-2001-0280

Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command...

CVE-2001-0280

CVE-2001-0280 : The MERCUR SMTP server 3.30 contains a buffer overflow in the handling of the EXPN command that remote attackers can trigger with a long argument to execute arbitrary commands. The vulnerability is documented in CVE/NVD entries and corroborated by Nessus plugin notes, which descri...

CVE-2001-0280

Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command...

Mercur Mailserver 3.3 buffer overflow with EXPN

By default SMTP server is installed to be run from LocalSystem account. This makes it easy to make any action on the target system if an attacker could gain control over the code execution flow of the product. Particulary, MERCUR SMTP-Service binary MCRSMTP.EXE version 3.30.3.0 suffers from buffe...

CVE-1999-0531

The connected documents describe a vulnerability class where an SMTP service that supports commands like VRFY and EXPN can enumerate valid user accounts (revealing aliases or mailing lists). The evidence includes a Metasploit module (SMTP User Enumeration Utility) and CIRCL/CVE references linking...

slmail3.1.txt

Date: Thu, 4 Feb 1999 13:51:32 -0800 From: Marc To: [email protected] Subject: Multiple SLMail Vulnerabilities eEye Digital Security Team www.eEye.com [email protected] February 04, 1999 Multiple SLMail Vulnerabilities Systems Affected SLMail 3.1 Release Date February 04, 1999 Advisory...

Multiple Mail Server EXPN/VRFY Information Disclosure

The remote SMTP server answers to the EXPN and/or VRFY commands. The EXPN command can be used to find the delivery address of mail aliases, or even the full name of the recipients, and the VRFY command may be used to check the validity of an account. Your mailer should not allow remote users to u...