Alt-N MDaemon Multiple Buffer Overflows (IMAP)

Critical Nessus Network Monitor Plugin ID 2310

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running Alt-N MDaemon, a SMTP/IMAP server for Windows operating systems. It is reported that versions up to and including 6.5.1 are prone to multiple buffer overflows. An attacker may deny service to legitimate users or execute arbitrary code on the remote server. The attacker needs to authenticate in order to exploit these vulnerabilities against the IMAP server but it doesn't need to do so against the SMTP server.

Solution

Upgrade or patch according to vendor recommendations.

Plugin Details

Severity: Critical

ID: 2310

Family: IMAP Servers

Published: 2004/09/23

Modified: 2016/01/19

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2004-1546

BID: 11238