XtraMail POP3 PASS Command Remote Overflow

critical Nessus Plugin ID 10325

Synopsis

The remote host is running a mail server with a remote buffer overflow vulnerability.

Description

The remote POP3 server is vulnerable to the following buffer overflow:

USER test
PASS <buffer>

This may allow an attacker to execute arbitrary commands as root on the remote POP3 server.

Solution

Contact the vendor for the latest update.

See Also

https://seclists.org/bugtraq/1999/Nov/128

Plugin Details

Severity: Critical

ID: 10325

File Name: xtramail_pop_overflow.nasl

Version: 1.48

Type: remote

Published: 11/10/1999

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 11/10/1999

Reference Information

CVE: CVE-1999-1511

BID: 791