Eudora WorldMail Mail Management Server (MAILMA.exe) Remote Overflow

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote service is affected by a buffer overflow vulnerability.

Description :

The remote host is running Eudora WorldMail, a commercial mail server
for Windows.

According to its banner, the version of Eudora Worldmail installed on
the remote host contains a heap-based buffer overflow flaw in its Mail
Management Agent. Using a specially crafted request, an
unauthenticated, remote attacker may be able to leverage this issue to
crash the affected service or execute arbitrary code on the remote
host. Since the service runs with LOCAL SYSTEM privileges by default,
this could lead to a complete compromise of the affected host.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-07-001.html
http://seclists.org/fulldisclosure/2007/Jan/137

Solution :

Either block access to the affected port or switch to another product
as the vendor is rumoured to have said it will not release a fix.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 24757 ()

Bugtraq ID: 21897

CVE ID: CVE-2006-6336

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now