CVE-2019-11395
published 2019-04-22CVE-2019-11395: A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3…
PriorityP357critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
14.57%
96.2th percentile
A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tabslab | mailcarrier | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8gp6-7fhv-cf82: A buffer overflow in the SMTP response service in MailCarrier 2
ghsa_unreviewed·2022-05-24·CVSS 9.8
CVE-2019-11682 [CRITICAL] CWE-119 GHSA-8gp6-7fhv-cf82: A buffer overflow in the SMTP response service in MailCarrier 2
A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute arbitrary code remotely via a long HELP command, a related issue to CVE-2019-11395.
GHSA
GHSA-7v86-hv29-pw56: A buffer overflow in MailCarrier 2
ghsa_unreviewed·2022-05-24
CVE-2019-11395 [CRITICAL] CWE-119 GHSA-7v86-hv29-pw56: A buffer overflow in MailCarrier 2
A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/152502/MailCarrier-2.51-RCPT-TO-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152504/MailCarrier-2.51-USER-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152505/MailCarrier-2.51-LIST-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152506/MailCarrier-2.51-TOP-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152530/MailCarrier-2.51-RETR-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152502/MailCarrier-2.51-RCPT-TO-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152504/MailCarrier-2.51-USER-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152505/MailCarrier-2.51-LIST-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152506/MailCarrier-2.51-TOP-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152530/MailCarrier-2.51-RETR-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152502/MailCarrier-2.51-RCPT-TO-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152504/MailCarrier-2.51-USER-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152505/MailCarrier-2.51-LIST-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152506/MailCarrier-2.51-TOP-Buffer-Overflow.htmlhttp://packetstormsecurity.com/files/152530/MailCarrier-2.51-RETR-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152502/MailCarrier-2.51-RCPT-TO-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152504/MailCarrier-2.51-USER-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152505/MailCarrier-2.51-LIST-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152506/MailCarrier-2.51-TOP-Buffer-Overflow.htmlhttps://packetstormsecurity.com/files/152530/MailCarrier-2.51-RETR-Buffer-Overflow.html
2019-04-22
Published