MailCarrier < 3.0.1 SMTP EHLO Command Remote Overflow

high Nessus Plugin ID 15902

Synopsis

The remote SMTP server is affected by a remote command execution vulnerability.

Description

The target is running at least one instance of MailCarrier in which the SMTP service suffers from a buffer overflow vulnerability. By sending an overly long EHLO command, a remote attacker can crash the SMTP service and execute arbitrary code on the target.

Solution

Upgrade to MailCarrier 3.0.1 or greater.

See Also

https://seclists.org/bugtraq/2004/Oct/283

Plugin Details

Severity: High

ID: 15902

File Name: mailcarrier_smtp_overflow.nasl

Version: 1.19

Type: remote

Published: 12/3/2004

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 10/26/2004

Exploitable With

Metasploit (TABS MailCarrier v2.51 SMTP EHLO Overflow)

Reference Information

CVE: CVE-2004-1638

BID: 11535