CVE-1999-0144

qmail - Denial of Service via RCPT Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-0144. PoCs published by Wietse Venema, Frank DENIS.

AI-analyzed exploit summary This exploit code demonstrates a denial-of-service (DoS) attack against qmail by exhausting memory resources through an infinite loop of RCPT commands. It establishes an SMTP connection and repeatedly sends recipient commands to crash the server.

Description

Denial of service in Qmail by specifying a large number of recipients with the RCPT command.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Wietse Venema · cdoslinux
https://www.exploit-db.com/exploits/20562

This exploit code demonstrates a denial-of-service (DoS) attack against qmail by exhausting memory resources through an infinite loop of RCPT commands. It establishes an SMTP connection and repeatedly sends recipient commands to crash the server.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: qmail (unspecified version)
No auth needed
Prerequisites: network access to the qmail SMTP server (port 25)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Frank DENIS · perldoslinux
https://www.exploit-db.com/exploits/20561

This Perl script exploits a denial-of-service vulnerability in qmail by sending an excessive number of RCPT TO commands, exhausting dynamically allocated memory. The attack requires no authentication and targets qmail SMTP servers without resource limits.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: qmail (unspecified version)
No auth needed
Prerequisites: Network access to the qmail SMTP server (port 25) · qmail server without resource limits
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=87602558319029&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2237
Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=87602558319024&w=2
Vendor Advisory x_refsource_misc
http://cr.yp.to/qmail/venema.html
Broken Link, Third Party Advisory, US Government Resource x_refsource_misc
http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/06/threads.html

Scores

EPSS 0.0132
EPSS Percentile 67.2%

Details

Status published
Products (1)
qmail_project/qmail
Published Jun 01, 1997
Tracked Since Feb 18, 2026