CVE-2001-0679

Trend Micro InterScan VirusWall 3.23 and 3.3 - Remote Code Execution via Long HELO Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2001-0679. PoCs published by dark spyrit, Alain Thivillon & Stephane Aubert.

AI-analyzed exploit summary This is a buffer overflow exploit targeting the HELO command in the SMTP gateway of InterScan VirusWall 3.23/3.3. It includes shellcode to achieve remote code execution (RCE) by overflowing the buffer with NOP sleds followed by malicious payload.

Description

A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server.

Exploits (2)

exploitdb WORKING POC VERIFIED
by dark spyrit · assemblyremotewindows
https://www.exploit-db.com/exploits/19614

This is a buffer overflow exploit targeting the HELO command in the SMTP gateway of InterScan VirusWall 3.23/3.3. It includes shellcode to achieve remote code execution (RCE) by overflowing the buffer with NOP sleds followed by malicious payload.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: InterScan VirusWall 3.23/3.3
No auth needed
Prerequisites: Network access to the vulnerable SMTP gateway · Target system running InterScan VirusWall 3.23/3.3
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Alain Thivillon & Stephane Aubert · perlremotewindows
https://www.exploit-db.com/exploits/19612

This exploit targets a buffer overflow vulnerability in the HELO command of the InterScan SMTP Server (VirusWall) on Windows NT. It sends a crafted HELO command with 4075 'a' characters to trigger a crash or DoS condition.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: InterScan SMTP Server (VirusWall) Version 3.32 Builds 1011 and 1022
No auth needed
Prerequisites: Network access to the vulnerable SMTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=94204166130782&w=2
Exploit, Vendor Advisory mailing-list x_refsource_ntbugtraq
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9911&L=NTBUGTRAQ&P=R2331
Mailing List mailing-list x_refsource_ntbugtraq
http://marc.info/?l=ntbugtraq&m=94208143007829&w=2
Mailing List mailing-list x_refsource_ntbugtraq
http://marc.info/?l=ntbugtraq&m=94216491202063&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/3465

Scores

EPSS 0.1603
EPSS Percentile 96.5%

Details

Status published
Products (2)
trend_micro/interscan_viruswall 3.3
trend_micro/interscan_viruswall 3.23
Published Nov 08, 1999
Tracked Since Feb 18, 2026