CVE-2002-1057

SmartMax MailMax POP3 Daemon 4.8 - Remote Code Execution via Long USER Command

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1057. PoCs published by anonymous.

AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in MailMax's POP3 daemon (popmax) via an overly large 'USER' argument. It leverages register control (EDX) to execute arbitrary shellcode, with payloads tailored for Windows 2000 and XP.

Description

Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.

Exploits (1)

exploitdb · Working PoC · Verified
by anonymous · c · remote · windows
https://www.exploit-db.com/exploits/21633

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: SmartMax MailMax Standard/Professional 4.8
No auth needed
Prerequisites: Network access to the POP3 service (port 110)
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9651.php
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5285
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0245.html

Scores

EPSS 0.0990
EPSS Percentile 95.0%

Details

Status: published
Products (1): smartmax_software/mailmax 4.8
Published: Oct 04, 2002
Tracked Since: Feb 18, 2026