GoodTech SMTP Server < 5.17 'RCPT TO' Command Remote Overflow (deprecated)

critical Nessus Network Monitor Plugin ID 3106

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running the GoodTech SMTP server. This version of GoodTech is vulnerable to a remote buffer overflow. An attacker exploiting this flaw would send a malformed 'RCPT TO' request to the SMTP server. Successful exploitation would result in the attacker running arbitrary code on the remote system.

Solution

Upgrade to version 5.17 or higher.

Plugin Details

Severity: Critical

ID: 3106

Family: SMTP Servers

Published: 7/23/2005

Updated: 9/16/2018

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Reference Information

CVE: CVE-2005-2387

BID: 14357

Detections

Analytics