NetCPlus SmartServer3 POP3 (NCPOPSERV.EXE) USER Command Remote Overflow

This script is Copyright (C) 1999-2011 Tenable Network Security, Inc.


Synopsis :

The remote mail server is vulnerable to a buffer overflow.

Description :

The remote pop3 server seems vulnerable to a buffer overflow when issued a
very long command.

This *may* allow an attacker to execute arbitrary commands
as root on the remote POP3 server.

See also :

http://seclists.org/bugtraq/1999/Nov/149

Solution :

Contact your vendor for a patch or upgrade.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.5
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 10257 ()

Bugtraq ID: 790

CVE ID: