Vulnerabilities > CVE-2004-1638 - Remote SMTP EHLO/HELO Buffer Overflow in Tabs Laboratories MailCarrier
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description TABS MailCarrier v2.51 SMTP EHLO Overflow. CVE-2004-1638. Remote exploit for windows platform id EDB-ID:16822 last seen 2016-02-02 modified 2010-04-30 published 2010-04-30 reporter metasploit source https://www.exploit-db.com/download/16822/ title TABS MailCarrier 2.51 - SMTP EHLO Overflow description MailCarrier 2.51 SMTP EHLO / HELO Buffer Overflow Exploit. CVE-2004-1638. Remote exploit for windows platform id EDB-ID:598 last seen 2016-01-31 modified 2004-10-26 published 2004-10-26 reporter muts source https://www.exploit-db.com/download/598/ title MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow Exploit description MailCarrier 2.51 Remote Buffer Overflow Exploit. CVE-2004-1638. Remote exploit for windows platform id EDB-ID:637 last seen 2016-01-31 modified 2004-11-16 published 2004-11-16 reporter NoPh0BiA source https://www.exploit-db.com/download/637/ title MailCarrier 2.51 - Remote Buffer Overflow Exploit
Metasploit
description | This module exploits the MailCarrier v2.51 suite SMTP service. The stack is overwritten when sending an overly long EHLO command. |
id | MSF:EXPLOIT/WINDOWS/SMTP/MAILCARRIER_SMTP_EHLO |
last seen | 2020-06-01 |
modified | 2017-11-08 |
published | 2007-09-09 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1638 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb |
title | TABS MailCarrier v2.51 SMTP EHLO Overflow |
Nessus
NASL family | SMTP problems |
NASL id | MAILCARRIER_SMTP_OVERFLOW.NASL |
description | The target is running at least one instance of MailCarrier in which the SMTP service suffers from a buffer overflow vulnerability. By sending an overly long EHLO command, a remote attacker can crash the SMTP service and execute arbitrary code on the target. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 15902 |
published | 2004-12-03 |
reporter | This script is Copyright (C) 2004-2018 George A. Theall |
source | https://www.tenable.com/plugins/nessus/15902 |
title | MailCarrier < 3.0.1 SMTP EHLO Command Remote Overflow |
Packetstorm
data source | https://packetstormsecurity.com/files/download/83004/mailcarrier_smtp_ehlo.rb.txt |
id | PACKETSTORM:83004 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | Patrick Webster |
source | https://packetstormsecurity.com/files/83004/TABS-MailCarrier-v2.51-SMTP-EHLO-Overflow.html |
title | TABS MailCarrier v2.51 SMTP EHLO Overflow |