CVE-2005-2943

XMail <1.22 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.

Exploits (1)

exploitdb WORKING POC VERIFIED

by qaaz · clocallinux

https://www.exploit-db.com/exploits/1267

View Code ZIP pw:eip

References (12)

[Third Party Advisory] http://www.debian.org/security/2005/dsa-902

[Patch, Vendor Advisory] http://www.idefense.com/application/poi/display?id=321&type=vulnerabilities

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15103

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/22724

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200512-05.xml

[Third Party Advisory] http://secunia.com/advisories/18052

[Various Sources] http://www.xmailserver.org/ChangeLog.html#oct_12__2005_v_1_22

[Third Party Advisory] http://securityreason.com/securityalert/81

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20010

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015055

[Third Party Advisory] http://secunia.com/advisories/17637

[Third Party Advisory] http://secunia.com/advisories/17194

Scores

EPSS 0.2730

EPSS Percentile 96.4%

Details

Status published

Products (21)

davide_libenzi/xmail 1.0

davide_libenzi/xmail 1.1

davide_libenzi/xmail 1.2

davide_libenzi/xmail 1.3

davide_libenzi/xmail 1.4

davide_libenzi/xmail 1.5

davide_libenzi/xmail 1.6

davide_libenzi/xmail 1.7

davide_libenzi/xmail 1.8

davide_libenzi/xmail 1.9

... and 11 more

Published Oct 13, 2005

Tracked Since Feb 18, 2026