CVE-2003-0280
published 2003-06-16CVE-2003-0280: Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or…
PriorityP342critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
14.75%
96.3th percentile
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| youngzsoft | cmailserver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Youngzsoft CMailServer 4.0 - MAIL FROM Buffer Overflow
exploitdb·2003-05-10
CVE-2003-0280 Youngzsoft CMailServer 4.0 - MAIL FROM Buffer Overflow
Youngzsoft CMailServer 4.0 - MAIL FROM Buffer Overflow
---
source: https://www.securityfocus.com/bid/7547/info
A buffer overflow vulnerability has been reported for CMailServer. The vulnerability exists due to insufficient bounds checking when parsing e-mail headers. Specifically, an overly long MAIL FROM e-mail header will cause CMailServer to crash and corrupt sensitive memory.
#!/usr/bin/perl -w
##################
# ESMTP CMailServer 4.0.2003.03.27 SMTP Service DoS attack
#
# URL: http://www.infowarfare.dk/
# EMAIL: [email protected]
# USAGE: sploit.pl
#
# Summary:
#
# The problem is a Buffer Overflow in the SMTP protocol, within the
# ESMTP CMailServer, causing the service to shutdown
# It is then where we can actually overwrite the exception handler on the
stack allowing
# A syst
Exploit-DB
Youngzsoft CMailServer 4.0 - 'RCPT TO' Buffer Overflow
exploitdb·2003-05-10
CVE-2003-0280 Youngzsoft CMailServer 4.0 - 'RCPT TO' Buffer Overflow
Youngzsoft CMailServer 4.0 - 'RCPT TO' Buffer Overflow
---
source: https://www.securityfocus.com/bid/7548/info
A buffer overflow vulnerability has been reported for CMailServer. The vulnerability exists due to insufficient bounds checking when parsing e-mail headers. Specifically, an overly long RCPT TO e-mail header will cause CMailServer to crash and corrupt sensitive memory.
#!/usr/bin/perl -w
##################
# ESMTP CMailServer 4.0.2003.03.27 SMTP Service DoS attack
#
# URL: http://www.infowarfare.dk/
# EMAIL: [email protected]
# USAGE: sploit.pl
#
# Summary:
#
# The problem is a Buffer Overflow in the SMTP protocol, within the
# ESMTP CMailServer, causing the service to shutdown
# It is then where we can actually overwrite the exception handler on the
stack allowing
# A system
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0062.htmlhttp://marc.info/?l=bugtraq&m=105258772101349&w=2http://www.securityfocus.com/bid/7547http://www.securityfocus.com/bid/7548https://exchange.xforce.ibmcloud.com/vulnerabilities/11975http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0062.htmlhttp://marc.info/?l=bugtraq&m=105258772101349&w=2http://www.securityfocus.com/bid/7547http://www.securityfocus.com/bid/7548https://exchange.xforce.ibmcloud.com/vulnerabilities/11975
2003-06-16
Published