|
Family: Gain root remotely --> Category: infos
MailEnable POP Service PASS Command Buffer Overflow Vulnerability (ME-10026) Vulnerability Scan
Vulnerability Scan Summary Checks version of MailEnable's MEPOPS.exe
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote POP server is affected by a buffer overflow.
Description :
The POP server bundled with the version of MailEnable installed on the
remote host reportedly is affected by a buffer overflow involving the
'PASS' command. An unauthenticated remote attacker may be able to
exploit this issue to crash the service service or to execute
arbitrary code with LOCAL SYSTEM rights.
See also :
http://secunia.com/secunia_research/2006-75/advisory/
http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0327.html
http://www.mailenable.com/hotfix/
Solution :
Apply Hotfix ME-10026.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|