CVE-2003-0264

Published: 27/05/2003 Updated: 24/02/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 772
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple buffer overflows in SLMail 5.1.0.4420 allow remote malicious users to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.

Vulnerable Product

seattle lab software slmail 5.1.0.4420

Exploits

SLMail version 5.1.0.4420 remote code execution exploit ...
## # $Id: seattlelab_pass.rb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' class ...
#include <fcntl.h> #include <stdio.h> #include <stdlib.h> #include <sys/socket.h> #include <sys/types.h> #include <sys/wait.h> #include <errno.h> #include <netinet/in.h> #include <netdb.h> #include <string.h> define retadd "\x9f\x45\x3a\x77" /*win2k server sp4 0x773a459f*/ #define port 1 ...
######################################################### # # # SLmail 5.5 POP3 PASS Buffer Overflow # # Discovered by : Muts # # Coded by : Muts # # www.offsec.com # # Pl ...
/* SLMAIL REMOTE PASSWD BOF - Ivan Ivanovic Ivanov Иван-дурак недействительный 31337 Team */ #include <string.h> #include <stdio.h> #include <winsock2.h> #include <windows.h> // [*] bind 4444 unsigned char shellcode[] = "\xfc\x6a\xeb\x4d\xe8\xf9\xff\xff\xff\x60\x8b\x6c\x24\x24\x8b\x45" "\x3c\x8b\ ...

Github Repositories

Exploiting CVE 2003-0264 with a buffer-overflow attack using Python3

SLMail55 CVE 2003-0264: 5 simple python3 scripts that are used to exploit a buffer-overflow bug in SLMail 5.5. A small accompanying guide has been written as well: SLMail55 - Google Docs

A POC remote buffer overflow for CVE-2003-0264 - SLMail 5.5

CVE-2003-0264 - Seattle Lab Mail 5.5 POP3 Buffer Overflow. References: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0264. Vulnerability: SLMail has no bounds checking when submitting a POP3 password. As a result, you can execute arbitrary code by submitting a long, malformed POP3 PASS to the SLMail server.

zeit8042 - Shellcode Design to Buffer Overflow on Windows 7 Machine using vulnerable application as SLMail. ZEIT8042: Introduction of Exploit Design. Construct buffer overflow to exploit the system. Later, DEP (enabled) environment also exploited by using ROP (Return Oriented Programming). Environment: Kali Linux 20

Exploit for CVE-2003-0264 based on pwntools and metasploit's windows/reverse_tcp

CVE-2003-0264: Exploit for buffer overflow in SLmail 5.5 (CVE-2003-0264). Based on: github.com/Gallopsled/pwntools, github.com/rapid7/metasploit-framework. Example output: $ ./slmail-into-shell.py [+] Opening connection to 192.168.15.100 on port 110: Done [+] Trying to bind to 0.0.0.0 on port 4444: Done [+] Waiting for connections on 0.0.0.0:4444: Got connection

CVE-2003-0264 - SLMail 5.5 POP3 'PASS' Remote Buffer Overflow Vulnerability. Tested on Windows XP Professional SP3.

CVE-2003-0264

Buffer Overflow in Seattle Lab Mail (SLmail) 5.5 - POP3

CVE-2003-0264_EXPLOIT: Buffer Overflow in Seattle Lab Mail (SLmail) 5.5 - POP3. Simple Stack Based Buffer Overflow, Step By Step. 1) Fuzz the Application: In the very first step we will fuzz the application with a simple Spike script; meanwhile we will also have SLmail attached [and running] to Immunity Debugger. More on Spike: resources.infosecinstitute.com/topic/intro-to-fuzz

Customizable TCP fuzzing tool to test for remote buffer overflows.

fuzza: Customizable TCP fuzzing tool to test for remote buffer overflows. fuzza is able to send and receive any initial commands prior to sending the payload, as well as sending any post commands after the payload has been sent. In order to replicate and triage the buffer overflow, fuzza can be used to generate custom python scripts for attack, badchars and finding the eip

Public exploits and modifications

Exploits: Public exploits modifications. CVE-2002-0082: Apache mod_ssl < 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow. Fixes compilation errors. CVE-2009-3103: Remote Code Execution via "SMBv2 Negotiation Vulnerability". Fixes compilation errors. CVE-2017-0143 aka MS17-010: Remote Code Execution vulnerability in Microsoft SMBv1. Fixes compilation errors. CVE-2003-