CVE-2003-0264

EPSS 71.5%

Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.

Affected products

n/a · n/a

public PoCs found — 12

githubgithub.com/TheMalwareGuardian/CVE-2003-0264★ 0 githubgithub.com/adenkiewicz/CVE-2003-0264★ 0 githubgithub.com/fyoderxx/slmail-exploit★ 0 githubgithub.com/war4uthor/CVE-2003-0264★ 0 githubgithub.com/pwncone/CVE-2003-0264-SLmail-5.5★ 0 githubgithub.com/vrikodar/CVE-2003-0264_EXPLOIT★ 0 githubgithub.com/nobodyatall648/CVE-2003-0264★ 0 exploitdbwww.exploit-db.com/exploits/16399unverified exploitdbwww.exploit-db.com/exploits/638unverified exploitdbwww.exploit-db.com/exploits/643unverified exploitdbwww.exploit-db.com/exploits/646unverified cve_referencepacketstormsecurity.com/files/161526/SLMail-5.1.0.4420-Remote-Code-Execution.htmlunverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://marc.info/?l=bugtraq&m=105232506011335&w=2 http://marc.info/?l=ntbugtraq&m=105233360321895&w=2 http://packetstormsecurity.com/files/161526/SLMail-5.1.0.4420-Remote-Code-Execution.html http://www.nextgenss.com/advisories/slmail-vulns.txt