CVE-2011-4040

NJStar Communicator MiniSmtp 3.0.11818 - Remote Code Execution via Crafted Packet

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2011-4040. PoCs published by Dillon Beresford, Zune, including Metasploit module exploits/windows/smtp/njstar_smtp_bof.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack overflow vulnerability in NJStar Communicator 3.00 MiniSMTP server. It uses an egghunter technique to bypass stack space constraints and achieves remote code execution on various Windows versions.

Description

Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows remote attackers to execute arbitrary code via a crafted packet.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Dillon Beresford · rubyremotewindows

https://www.exploit-db.com/exploits/18057

View Code ZIP pw:eip

This is a Metasploit module exploiting a stack overflow vulnerability in NJStar Communicator 3.00 MiniSMTP server. It uses an egghunter technique to bypass stack space constraints and achieves remote code execution on various Windows versions.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: NJStar Communicator 3.00 and prior (MiniSMTP Server)

No auth needed

Prerequisites: Network access to the MiniSMTP server (port 25)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by Zune · pythondoswindows

https://www.exploit-db.com/exploits/18196

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in NJStar Communicator 3.0 MiniSmtp service, bypassing ASLR on Windows 7. It sends multiple crafted packets to trigger the overflow and execute shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: NJStar Communicator 3.0 (Build 11818 and previous)

No auth needed

Prerequisites: Network access to the target's SMTP port (25) · Target running NJStar Communicator 3.0 with vulnerable MiniSmtp service

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by Dillon Beresford · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smtp/njstar_smtp_bof.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in NJStar Communicator 3.00 MiniSMTP server via a maliciously crafted SMTP command. It uses an egghunter to bypass space constraints and achieves remote code execution on vulnerable Windows systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: NJStar Communicator 3.00 MiniSMTP server

No auth needed

Prerequisites: Network access to the MiniSMTP server on port 25 · Vulnerable version of NJStar Communicator

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/819630

Scores

EPSS 0.6568

EPSS Percentile 99.2%

Details

CWE

CWE-119

Status published

Products (1)

njstar/njstar_communicator 3.0.11818

Published Nov 21, 2011

Tracked Since Feb 18, 2026