BaSoMail SMTP Multiple Command Remote Overflow DoS

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.

Synopsis :

The remote SMTP server has multiple buffer overflow vulnerabilities.

Description :

The remote SMTP server crashes when it is issued a HELO, MAIL FROM, or
RCPT TO command with an argument longer than 2100 characters. A
remote attacker could exploit this by crashing the server, or possibly
executing arbitrary code.

It is likely the remote SMTP server is running BaSoMail, though other
products may be affected as well.

See also :

Solution :

If the SMTP server is BaSoMail, consider using a different product, as
it has not been actively maintained for several years. Otherwise,
upgrade to the latest version of the SMTP server.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 10.0
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 11674 (basomail_overflow.nasl)

Bugtraq ID: 7726


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial