NetCPlus SmartServer3 POP3 (NCPOPSERV.EXE) USER Command Remote Overflow

critical Nessus Plugin ID 10257

Synopsis

The remote mail server is vulnerable to a buffer overflow.

Description

The remote pop3 server seems vulnerable to a buffer overflow when issued a very long command.

This *may* allow an attacker to execute arbitrary commands as root on the remote POP3 server.

Solution

Contact your vendor for a patch or upgrade.

See Also

https://seclists.org/bugtraq/1999/Nov/149

Plugin Details

Severity: Critical

ID: 10257

File Name: smartserver_pop_overflow.nasl

Version: 1.29

Type: remote

Published: 11/12/1999

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 790