MDaemon POP Server Multiple Command Remote Overflow DoS

Medium Nessus Plugin ID 11570


The remote POP server has a denial of service vulnerability.


According to its banner, the remote POP server has a denial of service vulnerability. Input to the DELE and UIDL commands are not properly handled. A remote, authenticated attacker could exploit this to crash the POP service.


Upgrade to MDaemon 6.5.0 or later.

See Also

Plugin Details

Severity: Medium

ID: 11570

File Name: mdaemon_dele_dos.nasl

Version: $Revision: 1.16 $

Type: remote

Agent: windows

Family: Windows

Published: 2003/05/05

Modified: 2016/10/27

Dependencies: 66633

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:alt-n:mdaemon

Required KB Items: mdaemon/installed

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2002/10/27

Reference Information

CVE: CVE-2002-1539

BID: 6053

OSVDB: 12047