XtraMail SMTP HELO Command Remote Overflow

This script is Copyright (C) 1999-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is running a mail server with a remote buffer overflow
vulnerability.

Description :

The remote host is running a version of XtraMail with a remote buffer
overflow vulnerability. The overflow is caused by by issuing the
'HELO' command, followed by a long argument.

The HELO command is typically one of the first commands required by a
mail server. The command is used by the mail server as a first attempt
to allow the client to identify itself. As such, this command occurs
before there is any authentication or validation of mailboxes, etc.

This issue may allow an attacker to crash the mail server, or possibly
execute arbitrary code.

See also :

http://archives.neohapsis.com/archives/ntbugtraq/1999-q3/0362.html

Solution :

Contact the vendor for a patch.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.5
(CVSS2#E:U/RL:U/RC:ND)

Family: SMTP problems

Nessus Plugin ID: 10324 ()

Bugtraq ID: 791

CVE ID: CVE-1999-1511