Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain root remotely --> Category: mixed

BusinessMail Remote Buffer Overflow Vulnerabilities Vulnerability Scan


Vulnerability Scan Summary
Checks for remote buffer overflow vulnerabilities in BusinessMail

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote SMTP server is susceptible to buffer overflow attacks.

Description :

The remote host is running BusinessMail, a commercial mail server for
Windows from NetCPlus.

The version of BusinessMail on the remote host fails to sanitize input
to the 'HELO' and 'MAIL FROM' SMTP commands, which can be exploited by
an unauthenticated remote attacker to crash the SMTP service and
possibly even execute arbitrary code within the context of the server
process.

See also :

http://reedarvin.thearvins.com/20050730-01.html
http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035647.html

Solution :

Unknown at this time.

Threat Level:

Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.