Eudora Internet Mail Server for Mac OS USER Overflow

Critical Nessus Plugin ID 17295


Arbitrary code may be run on the remote machine.


The remote poppassd daemon crashes when a too long name is sent after the USER command.

It might be possible for a remote attacker to run arbitrary code on this machine.


Upgrade your software or use another one.

Plugin Details

Severity: Critical

ID: 17295

File Name: poppassd_too_long_user.nasl

Version: $Revision: 1.13 $

Type: remote

Published: 2005/03/08

Modified: 2015/12/23

Dependencies: 14773, 17975

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 1998/04/14

Reference Information

CVE: CVE-1999-1113

BID: 75

OSVDB: 7035