CVE-2002-0280

CodeBlue < 4 - Remote Code Execution via SMTP Reply Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0280. PoCs published by doe.

AI-analyzed exploit summary This exploit targets a buffer overflow in CodeBlue's SMTP response handling. It sets up a fake SMTP server to deliver a crafted response containing shellcode, triggering remote code execution when CodeBlue processes the log entry.

Description

Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply.

Exploits (1)

exploitdb WORKING POC VERIFIED
by doe · cremotewindows
https://www.exploit-db.com/exploits/21643

This exploit targets a buffer overflow in CodeBlue's SMTP response handling. It sets up a fake SMTP server to deliver a crafted response containing shellcode, triggering remote code execution when CodeBlue processes the log entry.

Classification
Working Poc 80%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CodeBlue (Apache log scanning utility)
No auth needed
Prerequisites: CodeBlue running on a vulnerable system · Ability to inject a log entry into the target's Apache logs · Network access to the target's SMTP port
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Patch x_refsource_misc
http://freshmeat.net/releases/71514/
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101392671306875&w=2

Scores

EPSS 0.0445
EPSS Percentile 90.2%

Details

Status published
Products (1)
codeblue/codeblue < 4
Published May 31, 2002
Tracked Since Feb 18, 2026