SLMail < 5.1.0.4433 Multiple Command Remote Overflows

high Nessus Plugin ID 11593

Language:

Synopsis

The remote mail server is vulnerable to multiple buffer overflows.

Description

The remote host is running a version of the SLmail SMTP server which is vulnerable to various overflows which may allow to execute arbitrary commands on this host or to disable it remotely.

Solution

Upgrade to SLMail 5.1.0.4433 or newer

See Also

https://marc.info/?l=bugtraq&m=105232506011335&w=2

Plugin Details

Severity: High

ID: 11593

File Name: slmail_smtp_overflows.nasl

Version: 1.20

Type: remote

Published: 5/7/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 5/7/2003

Exploitable With

Metasploit (Seattle Lab Mail 5.5 POP3 Buffer Overflow)

Reference Information

CVE: CVE-2003-0264

BID: 7512, 7515, 7519, 7525, 7526