MDaemon SMTP HELO Command Remote Overflow DoS

This script is Copyright (C) 1999-2016 Tenable Network Security, Inc.

Synopsis :

The remote mail server may be affected by a buffer overflow

Description :

It was possible to crash the remote SMTP server by sending a too long
argument to the HELO command. This allows an unauthenticated, remote
attacker to deny service to legitimate users of the server.

It may also indicate the service is affected by a buffer overflow
vulnerability which, if true, would allow an attacker to execute
arbitrary code on the affected host, subject to the privileges under
which the service operates.

See also :

Solution :

Contact the vendor for a fix.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 10136 ()

Bugtraq ID: 8555

CVE ID: CVE-1999-0284

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now