XtraMail Control Service Username Overflow
High Nessus Plugin ID 10323
SynopsisThe remote host is running a mail server with a remote buffer overflow vulnerability.
DescriptionThe remote host is running a version of XtraMail with a remote buffer overflow vulnerability. XtraMail includes a remote administration utility which listens on port 32000 for logins. Providing a username of over 15,000 characters causes a buffer overflow, which could allow a remote attacker to crash the service or potentially execute arbitrary code.
SolutionUpgrade to the latest version of the software.