This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
The remote mail server is affected by a buffer overflow
According to its banner, the version of MDaemon installed on the remote
host contains a stack-based buffer overflow in its IMAP server component
that can be triggered via a FETCH command with a long BODY data item.
An authenticated, remote attacker may be able to leverage this issue to
crash the affected service or execute arbitrary code subject to the
privileges under which the service operates.
Note that MDaemon by default runs as a service with SYSTEM privileges
under Windows so successful exploitation could result in a complete
compromise of the affected system.
See also :
Upgrade to MDaemon 9.6.5 or later.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.0
Public Exploit Available : true