EIP-2026-103521

PRE-CVE

Ipswitch IMail 5.0 - Whois32 Daemon Buffer Overflow (Denial of Service) (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103521. PoCs published by Marc of eEye.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in IMail's whois server by sending a 1000-character string to port 43, causing a crash. The PoC is minimal but functional for triggering the DoS condition.

Description

Ipswitch IMail 5.0 - Whois32 Daemon Buffer Overflow (Denial of Service) (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marc of eEye · textdosmultiple

https://www.exploit-db.com/exploits/19382

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in IMail's whois server by sending a 1000-character string to port 43, causing a crash. The PoC is minimal but functional for triggering the DoS condition.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: IMail whois server (version unspecified)

No auth needed

Prerequisites: network access to target's port 43

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026