This script is Copyright (C) 1999-2014 Tenable Network Security, Inc.
The remote mail server has a buffer overflow vulnerability.
The remote host appears to be running a vulnerable version of CMail.
Issuing a long argument to the 'MAIL FROM' command can result in a
buffer overflow. An attack would look something similar to :
MAIL FROM: AAA[...]AAA@nessus.org
Where AAA[...]AAA contains more than 8000 'A's.
A remote attacker could exploit this issue to crash the mail server,
or possibly to execute arbitrary code.
See also :
Contact the vendor for a fix.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.1
Public Exploit Available : true
Family: SMTP problems
Nessus Plugin ID: 10047 (cmail_overflow.nasl)
Bugtraq ID: 633
CVE ID: CVE-1999-1521
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.