Detections
Analytics

MDaemon < 9.0.6 POP3 Server USER / APOP Command Remote Overflow

medium Nessus Plugin ID 22256

Language:

Synopsis

The remote POP3 server is affected by multiple buffer overflow flaws.

Description

According to its banner, the POP3 server bundled with the version of MDaemon on the remote host has two buffer overflows that can be triggered with long arguments to the 'USER' and 'APOP' commands. By exploiting these issues, a remote, unauthenticated user can reportedly crash the affected service or run arbitrary code with LOCAL SYSTEM privileges.

Solution

Upgrade to MDaemon version 9.0.6 or later.

See Also

http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-08-04

https://www.securityfocus.com/archive/1/444015/30/0/threaded

http://files.altn.com/MDaemon/Release/RelNotes_en.html

Plugin Details

Severity: Medium

ID: 22256

File Name: mdaemon_906.nasl

Version: 1.18

Type: remote

Agent: windows

Family: Windows

Published: 8/23/2006

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:alt-n:mdaemon

Required KB Items: mdaemon/installed

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/22/2006

Reference Information

CVE: CVE-2006-4364

BID: 19651