Eudora Internet Mail Server for Mac OS USER Overflow

critical Nessus Plugin ID 17295

Language:

Synopsis

Arbitrary code may be run on the remote machine.

Description

The remote poppassd daemon crashes when a too long name is sent after the USER command.

It might be possible for a remote attacker to run arbitrary code on this machine.

Solution

Upgrade your software or use another one.

Plugin Details

Severity: Critical

ID: 17295

File Name: poppassd_too_long_user.nasl

Version: 1.14

Type: remote

Family: Gain a shell remotely

Published: 3/8/2005

Updated: 7/25/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/14/1998

Reference Information

CVE: CVE-1999-1113

BID: 75

Detections

Analytics