Vulnerabilities > CVE-2005-2085 - Denial-of-Service vulnerability in Infradig Systems Inframail Advantage Server 6.0 / Server 6.7

CVSS 5.0 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL
network
low complexity
infradig-systems
nessus
exploit available

Summary

Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command.

Exploit-Db

  • description: Inframail Advantage Server Edition 6.0. CVE-2005-2085. DoS exploit for the Windows platform
    id: EDB-ID:1165
    last seen: 2016-01-31
    modified: 2005-06-27
    published: 2005-06-27
    reporter: Reed Arvin
    source: https://www.exploit-db.com/download/1165/
    title: Inframail Advantage Server Edition 6.0 <= 6.37 - SMTP BoF Exploit
  • description: Inframail Advantage Server Edition 6.0. CVE-2005-2085. DoS exploit for the Windows platform
    id: EDB-ID:1166
    last seen: 2016-01-31
    modified: 2005-06-27
    published: 2005-06-27
    reporter: Reed Arvin
    source: https://www.exploit-db.com/download/1166/
    title: Inframail Advantage Server Edition 6.0 <= 6.37 - FTP BoF Exploit

Nessus

  • NASL family: SMTP problems
    NASL id: INFRAMAIL_AS_SMTP_OVERFLOW.NASL
    description: The remote host is running the SMTP server component of Inframail, a commercial suite of network servers from Infradig Systems. According to its banner, the installed version of Inframail suffers from a buffer overflow vulnerability that arises when the SMTP server component processes a MAIL FROM command with an excessively long argument (around 40960 bytes). Successful exploitation will cause the service to crash and may allow arbitrary code execution.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18588
    published: 2005-06-29
    reporter: This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/18588
    title: Inframail SMTP MAIL FROM Command Remote Overflow DoS
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    
    include("compat.inc");
    
    # Registration pass: when `description` is set, the script only declares its
    # metadata (IDs, references, text, CVSS, dependencies, ports) and then leaves
    # through the exit(0) that closes this block, so the banner check further
    # down is not reached in that case.
    if (description) {
      script_id(18588);
      script_version("1.14");
    
      # Advisory references this plugin is filed under.
      script_cve_id("CVE-2005-2085");
      script_bugtraq_id(14077);
    
      script_name(english:"Inframail SMTP MAIL FROM Command Remote Overflow DoS");
    
     script_set_attribute(attribute:"synopsis", value:
    "The remote SMTP server is vulnerable to a buffer overflow attack." );
     script_set_attribute(attribute:"description", value:
    "The remote host is running the SMTP server component of Inframail, a
    commercial suite of network servers from Infradig Systems. 
    
    According to its banner, the installed version of Inframail suffers
    from a buffer overflow vulnerability that arises when the SMTP server
    component processes a MAIL FROM command with an excessively long
    argument (around 40960 bytes).  Successful exploitation will cause the
    service to crash and may allow arbitrary code execution." );
     script_set_attribute(attribute:"see_also", value:"http://reedarvin.thearvins.com/20050627-01.html" );
     script_set_attribute(attribute:"see_also", value:"https://seclists.org/fulldisclosure/2005/Jun/347" );
     script_set_attribute(attribute:"solution", value:
    "Upgrade to Inframail 7.12 or later." );
     # NOTE(review): this CVSS v2 base vector rates partial confidentiality,
     # integrity and availability impact, in line with the "may allow arbitrary
     # code execution" wording above; the CVE summary for CVE-2005-2085 describes
     # only a denial of service (process crash). Confirm which rating to use
     # when triaging a finding from this plugin.
     script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
     # Temporal metrics: proof-of-concept exploit code (E:POC), official fix
     # available (RL:OF), report confirmed (RC:C).
     script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
     script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
     script_set_attribute(attribute:"exploit_available", value:"true");
    
     script_set_attribute(attribute:"plugin_publication_date", value: "2005/06/29");
     script_set_attribute(attribute:"vuln_publication_date", value: "2005/06/27");
     script_cvs_date("Date: 2018/11/15 20:50:24");
    script_set_attribute(attribute:"plugin_type", value:"remote");
    script_end_attributes();
    
      script_summary(english:"Checks for remote buffer overflow vulnerability in Inframail SMTP Server");
      # ACT_GATHER_INFO: the check that follows this block only reads the SMTP
      # banner and compares its version string; it does not send the oversized
      # MAIL FROM argument, so a positive result is a version match, not a
      # confirmed crash.
      script_category(ACT_GATHER_INFO);
      script_family(english:"SMTP problems");
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      # Declares smtpserver_detect.nasl as a dependency and the SMTP service
      # (or port 25) as the port this plugin requires.
      script_dependencies("smtpserver_detect.nasl");
      script_require_ports("Services/smtp", 25);
      exit(0);
    }
    
    
    include("misc_func.inc");
    include("smtp_func.inc");
    
    
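    # Resolve the SMTP port to test (default 25). exit_on_fail: 1 presumably ends
    # the script when no SMTP service can be resolved -- confirm in misc_func.inc.
    port = get_service(svc:"smtp", default: 25, exit_on_fail: 1);
    # Skip ports that the knowledge base already records as broken.
    if (get_kb_item('SMTP/'+port+'/broken')) exit(0);
    
    
    # Banner-only version check: nothing is sent that would trigger the overflow,
    # so the result is only as reliable as the banner. A suppressed or rewritten
    # banner hides a vulnerable server, and a fixed build that still reports an
    # old version string would be flagged.
    banner = get_smtp_banner(port:port);
    # Flags major versions 0-5 and 6.0x-6.2x / 6.30-6.37. The dot after the "6"
    # is escaped so that only a literal "6." matches; an unescaped "." would
    # accept any character in that position.
    # NOTE(review): the plugin's solution text names 7.12 as the fixed release,
    # but versions from 6.38 up to 7.11 are not flagged here -- confirm against
    # the vendor advisory whether they are affected.
    if (banner && banner =~ "InfradigServers-MAIL \(([0-5]\..*|6\.([0-2].*|3[0-7])) ")
      security_hole(port);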
    
  • NASL family: FTP
    NASL id: INFRAMAIL_AS_FTP_OVERFLOW.NASL
    description: The remote host is running the FTP server component of Inframail, a commercial suite of network servers from Infradig Systems. According to its banner, the installed version of Inframail suffers from a buffer overflow vulnerability that arises when the FTP server component processes an NLST command with an excessively long argument (around 102400 bytes). Successful exploitation will cause the service to crash and may allow arbitrary code execution.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18587
    published: 2005-06-29
    reporter: This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/18587
    title: Inframail FTP Server NLST Command Remote Overflow
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    include("compat.inc");
    
    # Registration pass: when `description` is set, the script only declares its
    # metadata (IDs, references, text, CVSS, dependencies, excluded keys, ports)
    # and then leaves through the exit(0) that closes this block, so the banner
    # check further down is not reached in that case.
    if (description) {
      script_id(18587);
      script_version("1.16");
    
      # Advisory references this plugin is filed under.
      script_cve_id("CVE-2005-2085");
      script_bugtraq_id(14077);
     
      script_name(english:"Inframail FTP Server NLST Command Remote Overflow");
    
     script_set_attribute(attribute:"synopsis", value:
    "The remote FTP server is vulnerable to a buffer overflow attack." );
     script_set_attribute(attribute:"description", value:
    "The remote host is running the FTP server component of Inframail, a
    commercial suite of network servers from Infradig Systems. 
    
    According to its banner, the installed version of Inframail suffers
    from a buffer overflow vulnerability that arises when the FTP server
    component processes an NLST command with an excessively long argument
    (around 102400 bytes).  Successful exploitation will cause the service
    to crash and may allow arbitrary code execution." );
     script_set_attribute(attribute:"see_also", value:"http://reedarvin.thearvins.com/20050627-01.html" );
     script_set_attribute(attribute:"see_also", value:"https://seclists.org/fulldisclosure/2005/Jun/347" );
     script_set_attribute(attribute:"solution", value:
    "Upgrade to Inframail 7.12 or later." );
     # NOTE(review): this CVSS v2 base vector requires a single authentication
     # (Au:S) and rates complete confidentiality, integrity and availability
     # impact. The CVE summary for CVE-2005-2085 lists the FTP NLST vector only
     # as "possibly" affected and describes a denial of service (process crash).
     # Confirm which rating to use when triaging a finding from this plugin.
     script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
     # Temporal metrics: proof-of-concept exploit code (E:POC), official fix
     # available (RL:OF), report confirmed (RC:C).
     script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
     script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
     script_set_attribute(attribute:"exploit_available", value:"true");
     script_set_attribute(attribute:"plugin_publication_date", value: "2005/06/29");
     script_set_attribute(attribute:"vuln_publication_date", value: "2005/06/27");
     script_cvs_date("Date: 2018/11/15 20:50:22");
    script_set_attribute(attribute:"plugin_type", value:"remote");
    script_end_attributes();
    
      script_summary(english:"Checks for remote buffer overflow vulnerability in Inframail FTP Server");
      # ACT_GATHER_INFO: the check that follows this block only reads the FTP
      # banner and compares its version string; it does not log in or send the
      # oversized NLST argument, so a positive result is a version match, not a
      # confirmed crash.
      script_category(ACT_GATHER_INFO);
      script_family(english:"FTP");
      script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
      # Declares the FTP type/version detection and generic FTP overflow plugins
      # as dependencies.
      script_dependencies("ftpserver_detect_type_nd_version.nasl", "ftp_overflow.nasl");
      # Knowledge-base keys that exclude this plugin -- presumably set when the
      # server was identified as one of these other FTP products; verify against
      # the detection plugin.
      script_exclude_keys("ftp/msftpd", "ftp/ncftpd", "ftp/fw1ftpd", "ftp/vxftpd");
      script_require_ports("Services/ftp", 21);
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("ftp_func.inc");
    
    
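    # Resolve the FTP port to test (default 21).
    port = get_ftp_port(default: 21);
    
    # Banner-only version check: no login is attempted and no NLST command is
    # sent, so the result is only as reliable as the banner. A suppressed or
    # rewritten banner hides a vulnerable server, and a fixed build that still
    # reports an old version string would be flagged.
    banner = get_ftp_banner(port:port);
    if (! banner) exit(1, "No FTP banner on port "+port+".");
    # Flags major versions 0-5 and 6.0x-6.2x / 6.30-6.37. The dot after the "6"
    # is escaped so that only a literal "6." matches; an unescaped "." would
    # accept any character in that position.
    # NOTE(review): the plugin's solution text names 7.12 as the fixed release,
    # but versions from 6.38 up to 7.11 are not flagged here -- confirm against
    # the vendor advisory whether they are affected.
    if (
      egrep(string:banner, pattern:"InfradigServers-FTP \(([0-5]\..*|6\.([0-2].*|3[0-7]))\)")
    ) {
      security_hole(port);
    }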