SMTP Generic Overflow Detection

critical Nessus Plugin ID 11772

Language:

Synopsis

The remote SMTP server is vulnerable to a buffer overflow.

Description

The remote SMTP server crashes when it is sent a command with a too long argument.

An attacker might use this flaw to kill this service or worse, execute arbitrary code on the server.

Solution

This plugin tests for a generic condition. It may be remedied by upgrading, reconfiguring, or changing the SMTP Server (MTA).

Plugin Details

Severity: Critical

ID: 11772

File Name: smtp_overflows.nasl

Version: Revision: 1.17

Type: remote

Family: SMTP problems

Published: 6/25/2003

Updated: 5/26/2014

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Detections

Analytics