CVE-2000-0284

Exploitation Summary

EIP tracks 9 public exploits for CVE-2000-0284. PoCs published by Metasploit, Gabriel A. Maggiotti, Teso, including Metasploit module exploits/linux/imap/imap_uw_lsub.

AI-analyzed exploit summary This is a Metasploit module exploiting a buffer overflow in the University of Washington IMAP server's LSUB command. It requires valid credentials and targets Linux systems with a brute-force approach to bypass ASLR.

Description

Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.

Exploits (9)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/16846

View Code ZIP pw:eip

This is a Metasploit module exploiting a buffer overflow in the University of Washington IMAP server's LSUB command. It requires valid credentials and targets Linux systems with a brute-force approach to bypass ASLR.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: University of Washington IMAP server v12.264

Auth required

Prerequisites: Valid IMAP credentials · Target running vulnerable IMAP server version

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Gabriel A. Maggiotti · cremoteunix

https://www.exploit-db.com/exploits/19847

View Code ZIP pw:eip

This exploit targets a buffer overflow in the LIST command of imapd (IMAP4rev1 prior to v10.234) on Redhat 7.0. It crafts a malicious payload to execute arbitrary shellcode, providing a reverse shell on port 30464.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IMAP4rev1 prior to v10.234

Auth required

Prerequisites: Valid user credentials · Network access to the IMAP service (port 143)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Teso · cremotelinux

https://www.exploit-db.com/exploits/397

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in WU-IMAP 2000.287(1-2) by sending a crafted PARTIAL command with shellcode to achieve remote code execution. It includes a reverse shell payload and requires valid login credentials.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WU-IMAP 2000.287(1-2)

Auth required

Prerequisites: Valid login credentials · Network access to the IMAP service (port 143)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by SkyLaZarT · cremotelinux

https://www.exploit-db.com/exploits/284

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in IMAP4rev1 (CVE-2000-0284) by sending a maliciously crafted LSUB command with embedded shellcode to achieve remote code execution. It supports multiple versions and distributions by adjusting the return address.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IMAP4rev1 v12.261, v12.264, and 2000.284

Auth required

Prerequisites: Network access to the IMAP service (port 143) · Valid login credentials

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by teleh0r · perlremotelinux

https://www.exploit-db.com/exploits/253

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in IMAP4rev1 v10.190. It uses a crafted AUTHENTICATE command with a long buffer containing NOP sleds, shellcode, and a manipulated return address to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IMAP4rev1 v10.190

No auth needed

Prerequisites: Network access to the target IMAP server on port 143 · Vulnerable version of IMAP4rev1

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by vlad902 · remoteunix

https://www.exploit-db.com/exploits/19848

View Code ZIP pw:eip

This exploit targets a buffer overflow in the University of Washington IMAP4 server's LSUB command, allowing remote code execution. It includes bruteforce techniques for stack and heap overflows across multiple architectures (x86, SPARC) and operating systems (Linux, FreeBSD, NetBSD, OpenBSD).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: University of Washington IMAP4 server (imapd)

Auth required

Prerequisites: Valid IMAP account credentials · Network access to the IMAP server (port 143)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by vlad902 · remoteunix

https://www.exploit-db.com/exploits/19849

View Code ZIP pw:eip

This is a Metasploit module exploiting a buffer overflow in the University of Washington IMAP4 server's COPY command. It includes stack bruteforce techniques for multiple architectures (x86, SPARC) and operating systems (Linux, BSD variants).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: University of Washington IMAP4 server (imapd)

Auth required

Prerequisites: Valid IMAP account credentials · Network access to the IMAP service (port 143)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by patrick · rubyremotelinux

https://www.exploit-db.com/exploits/10025

View Code ZIP pw:eip

This exploit targets a buffer overflow in the 'LSUB' command of the University of Washington IMAP server (v12.264). It sends a crafted payload to achieve remote code execution on vulnerable systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: University of Washington IMAP server v12.264

Auth required

Prerequisites: Valid username and password for the IMAP server · Network access to the target IMAP server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC GOOD

by aushack, jduck · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/imap/imap_uw_lsub.rb

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow in the LSUB command of the University of Washington IMAP server (v12.264) to achieve remote code execution. It requires valid credentials and uses a brute-force approach to bypass ASLR.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Racy

Target: University of Washington IMAP Server v12.264

Auth required

Prerequisites: Valid IMAP credentials · Network access to the target IMAP server

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-04/0085.html

Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1110

Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-04/0074.html

University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command

Exploitation Summary

Description

Exploits (9)

References (3)

Scores

Details