CVE-2000-0490
NetWin dmail DSMTP 2.7q - Remote Code Execution via Long ETRN Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0490. PoCs published by noir.
AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in NetWin's DMail Server v2.7q via the ETRN command. It sends a crafted buffer with NOP sleds, a return address, and shellcode to spawn a reverse shell on port 6969.
Description
Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by noir · cremotelinux
https://www.exploit-db.com/exploits/19983
This exploit targets a buffer overflow vulnerability in NetWin's DMail Server v2.7q via the ETRN command. It sends a crafted buffer with NOP sleds, a return address, and shellcode to spawn a reverse shell on port 6969.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:
NetWin DMail Server v2.7q
No auth needed
Prerequisites:
Network access to the target SMTP server (port 25) · Target running NetWin DMail Server v2.7q
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/4579
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1297
Various Sources x_refsource_confirm
http://netwinsite.com/dmail/security.htm
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-05/0407.html
Scores
EPSS
0.0624
EPSS Percentile
92.6%
Details
Status
published
Products (6)
netwin/dmail
2.7
netwin/dmail
2.7q
netwin/dmail
2.8e
netwin/dmail
2.8f
netwin/dmail
2.8g
netwin/dmail
2.8h
Published
Jun 01, 2000
Tracked Since
Feb 18, 2026