CVE-2005-0892

smail 3.2.0.120 - Buffer Overflow via SMTP MAIL FROM Command

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-0892. PoCs published by infamous41md, infamous42md.

AI-analyzed exploit summary This exploit targets a heap-based buffer overflow in smail's preparse_address_1() function, allowing remote code execution via a crafted SMTP command. It includes shellcode for a reverse shell and demonstrates the vulnerability with detailed comments on alignment and heap manipulation challenges.

Description

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.

Exploits (2)

exploitdb WORKING POC VERIFIED

by infamous41md · cremotelinux

https://www.exploit-db.com/exploits/900

View Code ZIP pw:eip

This exploit targets a heap-based buffer overflow in smail's preparse_address_1() function, allowing remote code execution via a crafted SMTP command. It includes shellcode for a reverse shell and demonstrates the vulnerability with detailed comments on alignment and heap manipulation challenges.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: smail (version not specified)

No auth needed

Prerequisites: Network access to SMTP port (25) · Target system running vulnerable smail version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by infamous42md · cremotelinux

https://www.exploit-db.com/exploits/25275

View Code ZIP pw:eip

This exploit targets a heap overflow vulnerability in Smail-3's preparse_address_1() function, allowing remote code execution with superuser privileges. It uses a crafted SMTP command to overflow the heap and redirect execution to shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Racy

Target: Smail-3 3.2.0.120

No auth needed

Prerequisites: Network access to SMTP port (25) · Target running vulnerable Smail-3 version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2005/dsa-722

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111177045217717&w=2

Scores

EPSS 0.0900

EPSS Percentile 94.6%

Details

Status published

Products (1)

smail/smail 3.2.0.120

Published Mar 28, 2005

Tracked Since Feb 18, 2026