This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote mail server is prone to a buffer overflow attack.
The remote server is running Citadel, an open source solution for
email and collaboration.
According to its version, the installation of Citadel on the remote
host uses insufficient bounds-checking in its SMTP service during
memory-copy operations when processing input to the RCPT TO command.
An unauthenticated, remote attacker may be able to leverage this issue
to cause a stack-based buffer overflow, resulting in a crash of the
affected service or even execution of arbitrary code.
Upgrade to Citadel version 7.11 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true
Family: SMTP problems
Nessus Plugin ID: 30123 (citadel_smtp_rcpt_overflow.nasl)
Bugtraq ID: 27376
CVE ID: CVE-2008-0394
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.