Vulnerabilities > CVE-2004-2677 - Unspecified vulnerability in Qwikmail Smtp 0.3

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

qwikmail

exploit available

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments.

Vulnerable Configurations

Part	Description	Count
Application	Qwikmail Qwikmail Qwikmail Smtp 0.3	1

Exploit-Db

description	Qwik SMTP 0.3 Remote Root Format String Exploit. CVE-2004-2677. Remote exploit for linux platform
id	EDB-ID:620
last seen	2016-01-31
modified	2004-11-09
published	2004-11-09
reporter	Carlos Barros
source	https://www.exploit-db.com/download/620/
title	Qwik SMTP 0.3 - Remote Root Format String Exploit

Summary

Vulnerable Configurations

Exploit-Db

References