WinGate Proxy POP3 USER Overflow

medium Nessus Plugin ID 10311

Synopsis

The remote proxy is vulnerable to denial of service.

Description

The remote POP3 server, which is probably part of WinGate, could be crashed with the following command :

USER x#999(...)999

This problem may prevent users on your network from retrieving their emails.

Solution

Configure WinGate so that only authorized users can use it.

See Also

https://seclists.org/bugtraq/1998/Jul/41

Plugin Details

Severity: Medium

ID: 10311

File Name: wingate_user.nasl

Version: 1.33

Type: remote

Agent: windows

Family: Windows

Published: 6/22/1999

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:wingate:wingate

Vulnerability Publication Date: 7/2/1998

Reference Information

CVE: CVE-1999-0494