|
|
Family: SMTP problems --> Category: infos
Smail-3 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks the version of the remote Smail daemon
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote mail server is affected by multiple vulnerabilities.
Description :
According to its banner, the remote host is running as its mail server
S-mail version 3.2.0.120 or older. Such versions contain various
vulnerabilities that may allow an unauthenticated attacker to execute
arbitrary code on the remote host by exploiting a heap overflow by
sending a malformed argument to the 'MAIL FROM' command.
See also :
http://archives.neohapsis.com/archives/bugtraq/2005-03/0435.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0459.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0462.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0474.html
ftp://ftp.weird.com/pub/local/smail-3.2.0.121.ChangeLog
Solution :
Upgrade to Smail 3.2.0.121 or later.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
