Eudora Internet Mail Server (EIMS) < 3.2.8 Multiple DoS

medium Nessus Plugin ID 20394

Synopsis

The remote mail server is affected by multiple denial of service flaws.

Description

The remote host appears to be running Eudora Internet Mail Server, a mail server for Macs.

According to its banner, the version of Eudora Internet Mail Server (EIMS) installed on the remote host is reportedly susceptible to denial of service attacks involving malformed NTLM authentication requests as well as corrupted incoming MailX and temporary mail files. While not certain, the first issue is likely to be remotely exploitable.

Solution

Upgrade to EIMS version 3.2.8 or later.

See Also

http://www.eudora.co.nz/updates.html

Plugin Details

Severity: Medium

ID: 20394

File Name: eims_328.nasl

Version: 1.15

Type: remote

Published: 1/11/2006

Updated: 8/22/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1/9/2006

Reference Information

CVE: CVE-2006-0141

BID: 16179