CVE-2000-1244

Computer Associates InoculateIT - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-1244. PoCs published by Hugo Caye.

AI-analyzed exploit summary This exploit demonstrates a vulnerability in InoculateIT 4.52 for MS Exchange, where removing the 'From:' field from an email header allows a malicious attachment to bypass virus scanning. The PoC involves manually crafting an SMTP message with an infected MIME attachment and sending it via telnet.

Description

Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Hugo Caye · textlocalwindows
https://www.exploit-db.com/exploits/20401

This exploit demonstrates a vulnerability in InoculateIT 4.52 for MS Exchange, where removing the 'From:' field from an email header allows a malicious attachment to bypass virus scanning. The PoC involves manually crafting an SMTP message with an infected MIME attachment and sending it via telnet.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: InoculateIT 4.52 for MS Exchange
No auth needed
Prerequisites: Access to an SMTP server · Ability to craft raw SMTP messages
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-11/0158.html

Scores

EPSS 0.0241
EPSS Percentile 82.1%

Details

Status published
Products (1)
broadcom/inoculateit_agent_for_exchange
Published Dec 31, 2000
Tracked Since Feb 18, 2026