Detections
Analytics

BusinessMail Multiple SMTP Command Remote Buffer Overflows

critical Nessus Plugin ID 19365

Language:

Synopsis

The remote SMTP server is susceptible to buffer overflow attacks.

Description

The remote host is running BusinessMail, a commercial mail server for Windows from NetCPlus.

The version of BusinessMail on the remote host fails to sanitize input to the 'HELO' and 'MAIL FROM' SMTP commands, which can be exploited by an unauthenticated, remote attacker to crash the SMTP service and possibly even execute arbitrary code within the context of the server process.

Solution

Upgrade to BusinessMail 4.7 or later.

See Also

http://reedarvin.thearvins.com/20050730-01.html

http://www.nessus.org/u?ac6c13db

http://www.attrition.org/pipermail/vim/2007-June/001640.html

Plugin Details

Severity: Critical

ID: 19365

File Name: businessmail_smtp_overflows.nasl

Version: 1.19

Type: remote

Published: 8/2/2005

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/1/2005

Reference Information

CVE: CVE-2005-2472

BID: 14434