Magic Winmail Server PASS Command Remote Format String
High Nessus Plugin ID 11742
SynopsisThe remote mail server is prone to a format string attack.
DescriptionThe remote Winmail POP server, according to its banner, is vulnerable to a format string attack when processing the USER command.
An unauthenticated attacker may use this flaw to execute arbitrary code on this host.
SolutionUpgrade to WinMail version 2.4 (Build 0530) or later.