poprelayd & sendmail Arbitrary Mail Relay

This script is Copyright (C) 2002-2014 Tenable Network Security, Inc.


Synopsis :

An open SMTP relay may be running on this port.

Description :

The remote SMTP server allows relaying for users which were identified
by 'POP before SMTP'. The access control mechanism is based on the POP
server logs. It is possible, though, to poison these logs. This means
that spammers would be able to use the server to send their emails to
the world, thus wasting network bandwidth, and thereby, creating the
possibility of being blacklisted.

*** Some SMTP servers such as Postfix will display a false positive
*** here.

See also :

http://archives.neohapsis.com/archives/bugtraq/2001-07/0064.html

Solution :

Disable poprelayd or upgrade it

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 11080 ()

Bugtraq ID: 2986

CVE ID: CVE-2001-1075