SLMail HELO Command Remote Overflow

high Nessus Plugin ID 10256

Synopsis

The remote mail server may be affected by a buffer overflow vulnerability.

Description

There might be a buffer overflow when this MTA is issued the 'HELO' command issued by a too long argument. This problem may allow an attacker to execute arbitrary code on this computer, subject to the privileges under which the service operates, or to deny service to legitimate users of the server.

Solution

Contact the vendor for a fix.

See Also

https://www.beyondtrust.com/resources/blog/research/

Plugin Details

Severity: High

ID: 10256

File Name: slmail_helo.nasl

Version: 1.37

Type: remote

Published: 6/22/1999

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Vulnerability Publication Date: 2/4/1999

Reference Information

CVE: CVE-1999-0284