Detections
Analytics
Smail < 3.2.0.121 Multiple Vulnerabilities
medium Nessus Network Monitor Plugin ID 2772
Synopsis
The remote host is vulnerable to a remote 'format string' flaw.Description
The remote host is running a version of Smail, a mail transport agent, that is older or as old as than version 3.2.0.120. The remote version of this software contains various vulnerabilities that may allow a remote attacker to execute arbitrary code on the remote host by exploiting a heap overflow in the function which processes the 'MAIL FROM' command.Solution
Upgrade to Smail 3.2.0.121 or higher.See Also
http://archives.neohapsis.com/archives/bugtraq/2005-03/0435.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0459.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0462.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0474.html
Plugin Details
Severity: Medium
ID: 2772
Family: SMTP Servers
Published: 3/25/2005
Updated: 3/6/2019
Nessus ID: 17633
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Medium
Base Score: 5.9
Temporal Score: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:X
Vulnerability Information
CPE: cpe:/a:smail:smail
Reference Information
CVE: CVE-2005-0892, CVE-2005-0893