CVE-2011-4919

HIGH

mpack 1.6 - Unauthorized Information Exposure via Mail Eavesdropping

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4919. PoCs published by hartwork.

AI-analyzed exploit summary This PoC monitors temporary directories for files created by the mpack tool and copies their contents to a specified output directory. It uses inotify to detect file creation events and a separate thread to process and rip the files.

Description

mpack 1.6 has information disclosure via eavesdropping on mails sent by other users

Exploits (1)

nomisec WORKING POC 1 stars

by hartwork · poc

https://github.com/hartwork/mpacktrafficripper

View Code ZIP pw:eip

This PoC monitors temporary directories for files created by the mpack tool and copies their contents to a specified output directory. It uses inotify to detect file creation events and a separate thread to process and rip the files.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: mpack (unspecified version)

No auth needed

Prerequisites: Access to the system where mpack is being used · Permission to monitor /tmp or /var/tmp directories

MITRE ATT&CK

T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory x_refsource_misc

https://security-tracker.debian.org/tracker/CVE-2011-4919

Broken Link x_refsource_misc

https://access.redhat.com/security/cve/cve-2011-4919

Exploit, Mailing List, Third Party Advisory x_refsource_misc

https://www.openwall.com/lists/oss-security/2011/12/31/1

Scores

CVSS v3 7.5

EPSS 0.0224

EPSS Percentile 80.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (1)

mpack_project/mpack 1.6

Published Nov 19, 2019

Tracked Since Feb 18, 2026