CVE-2008-0434

Gecad Technologies Axigen Mail Server - Numeric Error

Title source: rule

Description

Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command.

Exploits (1)

exploitdb WORKING POC VERIFIED

by hempel · cremotelinux

https://www.exploit-db.com/exploits/4947

View Code ZIP pw:eip

References (8)

[Exploit] http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059788.html

[Vendor Advisory] http://secunia.com/advisories/28562

[Exploit] http://www.securityfocus.com/bid/27363

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39803

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/486722/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4947

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/0237

[Third Party Advisory] http://securityreason.com/securityalert/3570

Scores

EPSS 0.1964

EPSS Percentile 95.4%

Details

CWE

CWE-189

Status published

Products (1)

gecad_technologies/axigen_mail_server 5.0.2

Published Jan 23, 2008

Tracked Since Feb 18, 2026