CVE-1999-1504

Stalker Internet Mail Server 1.6 - Denial of Service via Long HELO Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1504. PoCs published by David Luyer.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Stalker Internet Mail Server 1.6 via an overly long HELO command, leading to a denial of service (DoS). The PoC shows the server crashing when a large string is sent as the hostname.

Description

Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by David Luyer · textremoteaix
https://www.exploit-db.com/exploits/19047

This exploit demonstrates a buffer overflow vulnerability in Stalker Internet Mail Server 1.6 via an overly long HELO command, leading to a denial of service (DoS). The PoC shows the server crashing when a large string is sent as the hostname.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Stalker Internet Mail Server 1.6
No auth needed
Prerequisites: Network access to the SMTP port of the target server
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/62
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/8951

Scores

EPSS 0.0246
EPSS Percentile 82.5%

Details

Status published
Products (1)
stalker/stalker_internet_mail_server 1.6
Published Apr 08, 1998
Tracked Since Feb 18, 2026