MDaemon IMAP Server FETCH Command Remote Buffer Overflow

This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.


Synopsis :

The remote mail server is affected by a buffer overflow
vulnerability.

Description :

According to its banner, the version of MDaemon installed on the remote
host contains a stack-based buffer overflow in its IMAP server component
that can be triggered via a FETCH command with a long BODY data item.
An authenticated, remote attacker may be able to leverage this issue to
crash the affected service or execute arbitrary code subject to the
privileges under which the service operates.

Note that MDaemon by default runs as a service with SYSTEM privileges
under Windows so successful exploitation could result in a complete
compromise of the affected system.

See also :

http://files.altn.com/MDaemon/Release/RelNotes_en.html

Solution :

Upgrade to MDaemon 9.6.5 or later.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.0
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 31640 ()

Bugtraq ID: 28245

CVE ID: CVE-2008-1358

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now