 |
|
|
Family: Gain root remotely --> Category: mixed
BusinessMail Remote Buffer Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for remote buffer overflow vulnerabilities in BusinessMail
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote SMTP server is susceptible to buffer overflow attacks.
Description :
The remote host is running BusinessMail, a commercial mail server for
Windows from NetCPlus.
The version of BusinessMail on the remote host fails to sanitize input
to the 'HELO' and 'MAIL FROM' SMTP commands, which can be exploited by
an unauthenticated remote attacker to crash the SMTP service and
possibly even execute arbitrary code within the context of the server
process.
See also :
http://reedarvin.thearvins.com/20050730-01.html
http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035647.html
Solution :
Unknown at this time.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
|
|
|
|
