CVE-2003-0263

Floosietek FTGate Pro Mail Server <1.22 - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2003-0263. PoCs published by Dennis Rand.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Floosietek FTGate PRO mail server by sending an overly long SMTP 'Rcpt To' argument. The PoC attempts to crash the service and potentially overwrite the exception handler to achieve remote code execution as SYSTEM.

Description

Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Dennis Rand · perldoswindows

https://www.exploit-db.com/exploits/22569

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Floosietek FTGate PRO mail server by sending an overly long SMTP 'Rcpt To' argument. The PoC attempts to crash the service and potentially overwrite the exception handler to achieve remote code execution as SYSTEM.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Floosietek FTGate PRO Mail Server v. 1.22 (HotFix 1328)

No auth needed

Prerequisites: Network access to the SMTP port (25) of the target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →