CVE-1999-0925

UnityMail < 2.0 - Denial of Service via MIME Header Flood

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0925.

AI-analyzed exploit summary This Perl script exploits a denial-of-service vulnerability in Apache Web Server (and other servers) by flooding the target with large MIME headers (8000 bytes each), causing memory and CPU exhaustion. The exploit sends an excessive number of headers to trigger the DoS condition.

Description

UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.

Exploits (1)

exploitdb WORKING POC

perldoswindows

https://www.exploit-db.com/exploits/20272

View Code ZIP pw:eip

This Perl script exploits a denial-of-service vulnerability in Apache Web Server (and other servers) by flooding the target with large MIME headers (8000 bytes each), causing memory and CPU exhaustion. The exploit sends an excessive number of headers to trigger the DoS condition.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Apache Web Server (1.2.5, possibly 1.3.1), MessageMedia UnityMail

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=90486243124867&w=2

Scores

EPSS 0.0603

EPSS Percentile 91.0%

Details

Status published

Products (1)

messagemedia/unitymail < 2.0

Published Sep 03, 1999

Tracked Since Feb 18, 2026