Pegasus Mail < 4.02 To/From Header Overflow DoS
High Nessus Network Monitor Plugin ID 1303
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack.
DescriptionThe remote host is running the Pegasus 4.01 mail client. Pegasus Mail 4.01 (and possibly earlier versions) are vulnerable to a Denial of Service attack caused by a buffer overflow. By sending an email message containing 259 characters or more in either the "From" or "To" message header, a remote attacker can overflow a buffer and crash the system.
SolutionUpgrade to Pegasus Mail 4.02 or higher.