Home > Browse Exploits

Browse Exploit & Auxiliary Modules

The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.

Search for modules

MS06-019 Exchange MODPROP Heap Overflow

This module triggers a heap overflow vulnerability in MS Exchange that occurs when multiple malformed MODPROP values occur in a VCAL request.

Rank

Normal

Authors

pusscat < pusscat [at] metasploit.com >

References

Development

Similar Modules

Usage Information

$ msfconsole

                ##                          ###           ##    ##
##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use auxiliary/dos/windows/smtp/ms06_019_exchange
msf auxiliary(ms06_019_exchange) > set RHOST [TARGET IP]
msf auxiliary(ms06_019_exchange) > run

Module Options

MAILFROM	FROM address of the e-mail (default: zombie@brains.net)
MAILTO	TO address of the e-mail (default: human@ahhhzombies111.net)
RHOST	The target address
RPORT	The target port (default: 25)
SUBJECT	The subject of the e-mail (default: re: Your Brains)
CHOST	The local client address
CPORT	The local client port
ConnectTimeout	Maximum number of seconds to establish a TCP connection
Proxies	Use a proxy chain
SSL	Negotiate SSL for outgoing connections
SSLVersion	Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
VERBOSE	Enable detailed status messages
WORKSPACE	Specify the workspace for this module
TCP::max_send_size	Maxiumum tcp segment size. (0 = disable)
TCP::send_delay	Delays inserted before every send. (0 = disable)