CVE-2002-0799
published 2002-08-12CVE-2002-0799: Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
14.32%
96.2th percentile
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| youngzsoft | cmailserver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (2)
exploitdb·2002-05-21
CVE-2002-0799 Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (2)
Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (2)
---
// source: https://www.securityfocus.com/bid/4789/info
CMailServer is vulnerable to a buffer overflow condition. It has been reported that the CMailServer does not perform proper bounds checking on the USER argument.
It is possible for a remote malicious attacker to craft a request that will result in code execution on the vulnerable system.
This issue has been reported in CMailServer 3.30. Other versions may also be affected.
/*
Remote exploit for Pop3 service CMailServer v4.0
by m00 security [www.m00.ru]
Advistory by Dennis Rand der[at]infowarfare.dk
Coded by Over_G overg[at]mail.ru
You may change 2 type: DOS or Portbind
1) Denial of service
2) Bind shell on port 61200
Tested only on Windows 2000 SP3 English
G
Exploit-DB
Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (1)
exploitdb·2002-05-20
CVE-2002-0799 Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (1)
Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (1)
---
// source: https://www.securityfocus.com/bid/4789/info
CMailServer is vulnerable to a buffer overflow condition. It has been reported that the CMailServer does not perform proper bounds checking on the USER argument.
It is possible for a remote malicious attacker to craft a request that will result in code execution on the vulnerable system.
This issue has been reported in CMailServer 3.30. Other versions may also be affected.
/*
cmeexp.c
May 20, 2002
CMailServer 3.30 uses sprintf() without any previous
bounds checking while testing for the presence of the
passed USER argument's home directory within 'mail'..
sprintf(%s\\mail\\%s, CMail path ptr, USER arg ptr)
you know how the story goes, we can overwrite some
seriou
No writeups or analysis indexed.
2002-08-12
Published