Detections
Analytics

MDaemon POP Server Multiple Command Remote Overflow DoS

medium Nessus Plugin ID 11570

Language:

Synopsis

The remote POP server has a denial of service vulnerability.

Description

According to its banner, the remote POP server has a denial of service vulnerability. Input to the DELE and UIDL commands are not properly handled. A remote, authenticated attacker could exploit this to crash the POP service.

Solution

Upgrade to MDaemon 6.5.0 or later.

See Also

https://seclists.org/bugtraq/2003/Apr/357

Plugin Details

Severity: Medium

ID: 11570

File Name: mdaemon_dele_dos.nasl

Version: 1.19

Type: remote

Agent: windows

Family: Windows

Published: 5/5/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:alt-n:mdaemon

Required KB Items: mdaemon/installed

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 10/27/2002

Reference Information

CVE: CVE-2002-1539

BID: 6053