Vulnerabilities > CVE-2004-1638
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN nessus
exploit available
metasploit
Summary
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description TABS MailCarrier v2.51 SMTP EHLO Overflow. CVE-2004-1638. Remote exploit for windows platform id EDB-ID:16822 last seen 2016-02-02 modified 2010-04-30 published 2010-04-30 reporter metasploit source https://www.exploit-db.com/download/16822/ title TABS MailCarrier 2.51 - SMTP EHLO Overflow description MailCarrier 2.51 SMTP EHLO / HELO Buffer Overflow Exploit. CVE-2004-1638. Remote exploit for windows platform id EDB-ID:598 last seen 2016-01-31 modified 2004-10-26 published 2004-10-26 reporter muts source https://www.exploit-db.com/download/598/ title MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow Exploit description MailCarrier 2.51 Remote Buffer Overflow Exploit. CVE-2004-1638. Remote exploit for windows platform id EDB-ID:637 last seen 2016-01-31 modified 2004-11-16 published 2004-11-16 reporter NoPh0BiA source https://www.exploit-db.com/download/637/ title MailCarrier 2.51 - Remote Buffer Overflow Exploit
Metasploit
| description | This module exploits the MailCarrier v2.51 suite SMTP service. The stack is overwritten when sending an overly long EHLO command. |
| id | MSF:EXPLOIT/WINDOWS/SMTP/MAILCARRIER_SMTP_EHLO |
| last seen | 2020-06-01 |
| modified | 2017-11-08 |
| published | 2007-09-09 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1638 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb |
| title | TABS MailCarrier v2.51 SMTP EHLO Overflow |
Nessus
| NASL family | SMTP problems |
| NASL id | MAILCARRIER_SMTP_OVERFLOW.NASL |
| description | The target is running at least one instance of MailCarrier in which the SMTP service suffers from a buffer overflow vulnerability. By sending an overly long EHLO command, a remote attacker can crash the SMTP service and execute arbitrary code on the target. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 15902 |
| published | 2004-12-03 |
| reporter | This script is Copyright (C) 2004-2018 George A. Theall |
| source | https://www.tenable.com/plugins/nessus/15902 |
| title | MailCarrier < 3.0.1 SMTP EHLO Command Remote Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/83004/mailcarrier_smtp_ehlo.rb.txt |
| id | PACKETSTORM:83004 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | Patrick Webster |
| source | https://packetstormsecurity.com/files/83004/TABS-MailCarrier-v2.51-SMTP-EHLO-Overflow.html |
| title | TABS MailCarrier v2.51 SMTP EHLO Overflow |
References
- http://marc.info/?l=bugtraq&m=109880961630050&w=2
- http://marc.info/?l=bugtraq&m=109880961630050&w=2
- http://secunia.com/advisories/12999
- http://secunia.com/advisories/12999
- http://www.securityfocus.com/bid/11535
- http://www.securityfocus.com/bid/11535
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17861
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17861