This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.
The remote mail server is affected by multiple vulnerabilities.
The remote host is running AXIGEN Mail Server, a messaging system for
Linux and BSD.
The POP3 server component of AXIGEN Mail Server contains a format
string vulnerability because it calls syslog() when logtypeis set to
'system'. In addition, the IMAP server component is affected by two
denial of service issues involving PLAIN and CRAM-MD5 authentication
methods. An unauthenticated, remote attacker can leverage these issues
to crash the IMAP service and possibly execute arbitrary code
See also :
Upgrade to AXIGEN Mail Server version 2.0.0 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 9.5
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 24321 (axigen_imap_auth_dos.nasl)
Bugtraq ID: 2247322603
CVE ID: CVE-2007-0886CVE-2007-0887
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.