CVE-2000-0242
WindMail - Remote Command Execution and Arbitrary File Read via Shell Metacharacters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0242. PoCs published by Quan Peng.
AI-analyzed exploit summary The exploit describes a vulnerability in WindMail 3.0 where an attacker can retrieve arbitrary files from the webserver by manipulating the -n switch in command line mode or using an 'Attach:' header in header parsing mode. This is achieved through URL manipulation to send files via email.
Description
WindMail allows remote attackers to read arbitrary files or execute commands via shell metacharacters.
Exploits (1)
The exploit describes a vulnerability in WindMail 3.0 where an attacker can retrieve arbitrary files from the webserver by manipulating the -n switch in command line mode or using an 'Attach:' header in header parsing mode. This is achieved through URL manipulation to send files via email.