How to Buy
This script is Copyright (C) 2002-2016 Digital Defense, Inc.
It may be possible to execute arbitrary commands on the remote
A vulnerability exists within IMail that allows remote attackers to
gain SYSTEM level access to servers running IMail's SMTP daemon
(versions 6.06 and below). The vulnerability stems from the IMail
SMTP daemon not doing proper bounds checking on various input data
that gets passed to the IMail Mailing List handler code. If an
attacker crafts a special buffer and sends it to a remote IMail SMTP
server, it is possible that an attacker can remotely execute code
(commands) on the IMail system.
See also :
Apply vendor-supplied patches.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.8
Public Exploit Available : true
Family: SMTP problems
Nessus Plugin ID: 10994 (DDI_IPSwitch-IMail-SMTP-Buffer-Overflow.nasl)
Bugtraq ID: 20832651
CVE ID: CVE-2001-0039CVE-2001-0494
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.