CVE-1999-0759

FuseMAIL - Buffer Overflow via Long USER and PASS Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0759. PoCs published by UNYUN.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in FuseMail 2.7's POP service via long USER and PASS commands. It uses a JMP ESP address (0xbff7a027) to redirect execution to shellcode that spawns notepad.exe via msvcrt.dll.system.

Description

Buffer overflow in FuseMAIL POP service via long USER and PASS commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by UNYUN · cremotewindows

https://www.exploit-db.com/exploits/19496

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in FuseMail 2.7's POP service via long USER and PASS commands. It uses a JMP ESP address (0xbff7a027) to redirect execution to shellcode that spawns notepad.exe via msvcrt.dll.system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: FuseMail 2.7

No auth needed

Prerequisites: Network access to the target's POP service (port 110) · FuseMail 2.7 running on Windows 98

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources x_refsource_confirm

http://www.crosswinds.net/~fuseware/faq.html#8

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/634

Scores

EPSS 0.0311

EPSS Percentile 86.1%

Details

Status published

Products (1)

fuseware/fusemail 2.7

Published Sep 13, 1999

Tracked Since Feb 18, 2026