Hexamail Server pop3 Service USER Command Remote Overflow (credentialed check)
Critical Nessus Plugin ID 26016
SynopsisThe remote Windows host has a program that is affected by a buffer overflow vulnerability.
DescriptionAccording to its version, the installation of Hexamail on the remote host is affected by a buffer overflow in its POP3 service component that can be exploited by an unauthenticated, remote attacker to crash the service or to execute arbitrary code on the affected host with LOCAL SYSTEM privileges.
SolutionUpgrade to Hexamail version 3.0.1.004 or later as that reportedly resolves the issue.