This script is Copyright (C) 2000-2014 Tenable Network Security, Inc.
The remote management service is prone to a buffer overflow.
The remote NAI WebShield SMTP Management tool is vulnerable to a
buffer overflow which allows an attacker to gain execute arbitrary
code on this host when it is issued a too long argument as a
In addition to this, it allows an attacker to disable the service at
To re-enable the service :
- execute regedit
- edit the registry key 'Quarantine_Path' under
HKLM\SOFTWARE\Network Associates\TVD\WebShield SMTP\MailScan
- change its value from 'XXX...XXX' to the valid path to
the quarantine folder.
- restart the service
Filter incoming traffic to this port. You may also restrict the set of
trusted hosts in the configuration console : - go to the 'server'
section - select the 'trusted clients' tab - and set the data
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5