CVE-2007-4377

SurgeMail 38k - Authenticated Stack-Based Buffer Overflow via IMAP SEARCH Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4377. PoCs published by Joey Mengele.

AI-analyzed exploit summary This exploit targets an IMAP server vulnerability (CVE-2007-4377) by sending a maliciously crafted SEARCH command with a buffer overflow payload. It includes shellcode to bind a shell on TCP port 9999, leveraging specific memory addresses for Windows 2003.

Description

Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Joey Mengele · pythonremotewindows

https://www.exploit-db.com/exploits/4287

View Code ZIP pw:eip

This exploit targets an IMAP server vulnerability (CVE-2007-4377) by sending a maliciously crafted SEARCH command with a buffer overflow payload. It includes shellcode to bind a shell on TCP port 9999, leveraging specific memory addresses for Windows 2003.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IMAP server (specific version not explicitly stated, but likely older Windows-based implementations)

Auth required

Prerequisites: Network access to the target IMAP server · Valid IMAP credentials

MITRE ATT&CK