GoodTech SMTP Server < 5.17 Multiple Buffer Overflows

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote SMTP server contains several buffer overflow flaws.

Description :

The version of GoodTech SMTP Server running on the remote host is
prone to multiple buffer overflow vulnerabilities when processing RCPT
TO commands. An attacker can exploit these flaws to run arbitrary
code remotely, by default as the SYSTEM user.

See also :

http://www.securityfocus.com/archive/1/406321/30/0/threaded

Solution :

Upgrade to GoodTech SMTP Server 5.17 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.5
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : false

Family: SMTP problems

Nessus Plugin ID: 19384 (goodtech_smtpd_517.nasl)

Bugtraq ID: 14357

CVE ID: CVE-2005-2387