CVE-2004-0104
Published 2004-03-03
CVE-2004-0104: Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Priority: P347, high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 26.22% (97.7th percentile)
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| metamail_corporation | metamail | <= 2.7 | — |
| redhat | enterprise_linux | — | — |
| redhat | linux_advanced_workstation | — | — |
| sgi | propack | — | — |
| sgi | propack | — | — |
Detection & IOCs
- Metamail 2.7 and earlier is affected by multiple format string vulnerabilities allowing remote code execution; detect presence of vulnerable Metamail versions (2.7 and earlier) on systems processing email
- Exploit proof-of-concept files are publicly available; monitor for download or presence of exploit artifacts associated with ExploitDB entry 23728
- Two buffer overflow and two format string vulnerabilities reported in Metamail; monitor for anomalous process behavior (crashes, unexpected child processes) spawned from Metamail when handling crafted email messages
- CVE-2004-0104 covers multiple distinct vulnerability classes (buffer overflow AND format string) in Metamail 2.7 and earlier; ensure detection/patching addresses both classes, not just one
CVSS provenance
- nvd: CVSS v2.0, 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
- vendor_redhat: 7.5 HIGH
GHSA
GHSA-269x-55hg-8vqh: Multiple format string vulnerabilities in Metamail 2
ghsa_unreviewed · 2022-04-29
CVE-2004-0104 [HIGH] GHSA-269x-55hg-8vqh: Multiple format string vulnerabilities in Metamail 2
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Red Hat
security flaw
vendor_redhat · 2004-02-18 · CVSS 7.5
CVE-2004-0104 [HIGH] security flaw
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
No detection rules found.
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html
- http://marc.info/?l=bugtraq&m=107713476911429&w=2
- http://secunia.com/advisories/10908
- http://www.ciac.org/ciac/bulletins/o-083.shtml
- http://www.debian.org/security/2004/dsa-449
- http://www.kb.cert.org/vuls/id/518518
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:014
- http://www.redhat.com/support/errata/RHSA-2004-073.html
- http://www.securityfocus.com/bid/9692
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15245
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15259
Published: 2004-03-03