CVE-2009-0410

Novell GroupWise 6.5x-8.0 - Remote Code Execution via Malformed RCPT Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0410. PoCs published by Praveen Darshanam.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Novell GroupWise SMTP daemon via a malformed RCPT command with an overly long email address. It uses the Net::SMTP Perl module to send a crafted payload, potentially leading to remote code execution.

Description

Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Praveen Darshanam · perldoswindows

https://www.exploit-db.com/exploits/7985

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Novell GroupWise SMTP daemon via a malformed RCPT command with an overly long email address. It uses the Net::SMTP Perl module to send a crafted payload, potentially leading to remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0

No auth needed

Prerequisites: Network access to the vulnerable SMTP server · Perl with Net::SMTP module installed

MITRE ATT&CK