MDaemon < 9.0.6 POP3 Server USER / APOP Command Remote Overflow
Medium Nessus Plugin ID 22256
The remote POP3 server is affected by multiple buffer overflow flaws.
According to its banner, the POP3 server bundled with the version of MDaemon on the remote host has two buffer overflows that can be triggered with long arguments to the 'USER' and 'APOP' commands. By exploiting these issues, a remote, unauthenticated user can reportedly crash the affected service or run arbitrary code with LOCAL SYSTEM privileges.