CVE-2004-0777

Courier-IMAP 1.6.0-2.2.1 and 3.x-3.0.3 - Remote Code Execution via Format String in auth_debug

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0777. PoCs published by ktha.

AI-analyzed exploit summary This exploit targets a remote format string vulnerability in courier-imap <= 3.0.2-r1. It leverages format string specifiers to overwrite stack addresses and execute shellcode, achieving remote code execution.

Description

Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ktha · cremotebsd

https://www.exploit-db.com/exploits/432

View Code ZIP pw:eip

This exploit targets a remote format string vulnerability in courier-imap <= 3.0.2-r1. It leverages format string specifiers to overwrite stack addresses and execute shellcode, achieving remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: courier-imap <= 3.0.2-r1

Auth required

Prerequisites: Network access to the target IMAP service · Valid credentials for authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources vendor-advisory x_refsource_trustix

http://www.trustix.net/errata/2004/0043/

Various Sources third-party-advisory x_refsource_idefense

http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=131

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10976

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200408-19.xml

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17034

Scores

EPSS 0.1091

EPSS Percentile 95.3%

Details

CWE

CWE-134

Status published

Products (8)

inter7/courier-imap 1.6

inter7/courier-imap 1.7

inter7/courier-imap 2.0.0

inter7/courier-imap 2.1

inter7/courier-imap 2.1.1

inter7/courier-imap 2.1.2

inter7/courier-imap 2.2.0

inter7/courier-imap 2.2.1

Published Oct 20, 2004

Tracked Since Feb 18, 2026