|
Family: Denial of Service --> Category: infos
MDaemon DELE DoS Vulnerability Scan
Vulnerability Scan Summary Acertains the version number of the remote POP server
Detailed Explanation for this Vulnerability Test
It is possible to crash the remote MDaemon server by suppling
oversized arguments to the commands DELE and UIDL.
A possible hacker may use this flaw to prevent other users from
fetching their e-mail. It will also crash other MDaemon services
(SMTP, IMAP), thus preventing this server from receiving any email
as well.
To exploit this flaw, a valid POP account is needed.
*** Nessus solely relied on the version number of the remote server
*** to issue this warning.
Solution : upgrade to MDaemon 6.5.0
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|