SLMail SMTP Multiple Overflows

High Nessus Network Monitor Plugin ID 2036

Synopsis

The remote host is vulnerable to multiple buffer overflows.

Description

The remote host is running a version of the SLMail SMTP server that is vulnerable to various overflows that may allow an attacker to gain a shell on this host.

Solution

Upgrade to SLMail 5.1.0.4433 or higher.

See Also

http://marc.info/?l=bugtraq&m=105232506011335&w=2

Plugin Details

Severity: High

ID: 2036

File Name: 2036.prm

Family: SMTP Servers

Published: 2004/08/18

Modified: 2016/01/22

Dependencies: 2004, 2005

Nessus ID: 11593

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:ND

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:X

Exploitable With

Metasploit (Seattle Lab Mail 5.5 POP3 Buffer Overflow)

Reference Information

CVE: CVE-2003-0264

BID: 7512, 7515, 7519, 7525, 7526

OSVDB: 11973, 11974, 11975, 11976, 4149