Pegasus Email Client < 4.31 Multiple Remote Overflows

Medium Nessus Network Monitor Plugin ID 3332


The remote host is vulnerable to several remote buffer overflows.


The remote host is running the Pegasus Email client. This version of Pegasus is vulnerable to two (2) distinct remote buffer overflows. In the first instance, an attacker, convincing a Pegasus user to connect to a malicious server, can cause a buffer overflow resulting in execution of arbitrary code. In the second instance, an attacker would need to be able to convince a Pegasus user to view the email 'headers'. Successful exploitation would result in the execution of arbitrary code.


Upgrade to version 4.31 or higher.

See Also

Plugin Details

Severity: Medium

ID: 3332

File Name: 3332.prm

Family: SMTP Clients

Published: 2005/12/20

Modified: 2016/11/23

Dependencies: 1100

Risk Information

Risk Factor: Medium


Base Score: 5.1

Temporal Score: 5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 5.6

Temporal Score: 4.9


Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2005-4444, CVE-2005-4445

BID: 15973

OSVDB: 21842, 21843