TFS SMTP 3.2 MAIL FROM overflow

This script is Copyright (C) 1999-2012 Tenable Network Security, Inc.


Synopsis :

The remote mail server may be affected by a buffer overflow
vulnerability.

Description :

The remote SMTP server may be affected by a buffer overflow triggered
when it receives an overly long argument to the 'MAIL FROM' command.

This vulnerability is reported to affect TenFour TFS SMTP and may
allow an unauthenticated remote attacker to crash the service or even
execute arbitrary code on this system.

See also :

http://archives.neohapsis.com/archives/bugtraq/1999-q3/0778.html

Solution :

Upgrade to TenFour TFS SMTP 4.0 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: SMTP problems

Nessus Plugin ID: 10284 ()

Bugtraq ID:

CVE ID: CVE-1999-1516