CVE-2005-0560

Exchange Server 2000 and 2003 - Remote Code Execution via X-LINK2STATE SMTP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0560. PoCs published by Evgeny Pinchuk.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in Microsoft Exchange 2000 SP3 via the X-LINK2STATE command. It sends crafted chunks to trigger the overflow and execute shellcode for remote code execution.

Description

Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Evgeny Pinchuk · perlremotewindows

https://www.exploit-db.com/exploits/947

View Code ZIP pw:eip

This exploit targets a heap overflow vulnerability in Microsoft Exchange 2000 SP3 via the X-LINK2STATE command. It sends crafted chunks to trigger the overflow and execute shellcode for remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Exchange 2000 SP3

No auth needed

Prerequisites: Network access to the target SMTP port (25) · Vulnerable Microsoft Exchange 2000 SP3 installation

MITRE ATT&CK