CVE-2004-1752

Gaucho 1.4 Build 145 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1752. PoCs published by Tan Chew Keong.

AI-analyzed exploit summary This exploit simulates a malicious POP3 server to trigger a buffer overflow in Gaucho Mail Client 1.4 via a malformed Content-Type header, leading to arbitrary code execution (bind shell on port 2001). It leverages SEH overwrite with a JMP EDI instruction to redirect execution to embedded shellcode.

Description

Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Tan Chew Keong · cremotewindows

https://www.exploit-db.com/exploits/421

View Code ZIP pw:eip

This exploit simulates a malicious POP3 server to trigger a buffer overflow in Gaucho Mail Client 1.4 via a malformed Content-Type header, leading to arbitrary code execution (bind shell on port 2001). It leverages SEH overwrite with a JMP EDI instruction to redirect execution to embedded shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Gaucho Mail Client 1.4

No auth needed

Prerequisites: Vulnerable Gaucho Mail Client 1.4 on Windows 2000 SP4 · Network access to target

MITRE ATT&CK