|
Family: Gain root remotely --> Category: attack
MailEnable POP3 Server APOP Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary Tries to crash MailEnable POP3 Server
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote POP3 server is affected by a buffer overflow flaw.
Description :
The remote host is running MailEnable, a commercial mail server for
Windows.
The POP3 server bundled with the version of MailEnable on the remote
host has a buffer overflow flaw involving the APOP command that can be
exploited remotely by an unauthenticated attacker to crash the
affected service and possibly to execute code remotely.
See also :
http://forum.mailenable.com/viewtopic.php?t=9845
http://www.mailenable.com/hotfix/default.asp
Solution :
Apply the ME-10012 hotfix or upgrade to MailEnable Standard Edition
1.94 / Professional Edition 1.74 / Enterprise Edition 1.22 or later
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|