ID de Prueba:	1.3.6.1.4.1.25623.1.0.800970
Categoría:	Buffer overflow
Título:	Pegasus Mail POP3 Response Buffer Overflow Vulnerability
Resumen:	Pegasus Mail is prone to stack-based Buffer Overflow vulnerability.
Descripción:	Summary: Pegasus Mail is prone to stack-based Buffer Overflow vulnerability. Vulnerability Insight: A stack based buffer overflow error occus due to improper bounds checking when processing POP3 responses. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code or cause the application to crash by sending overly long error responses from a remote POP3 server to the affected mail client. Affected Software/OS: Pegasus Mail 4.51 and prior. Solution: Upgrade to version 4.51 or higher. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3838 BugTraq ID: 36797 http://www.securityfocus.com/bid/36797 Bugtraq: 20091022 {PRL} Pegasus Mail client BoF (Google Search) http://www.securityfocus.com/archive/1/507377/100/0/threaded http://www.packetstormsecurity.org/0910-exploits/pegasusmc-dos.txt http://www.vupen.com/exploits/Pegasus_Mail_POP3_Message_Handling_Remote_Buffer_Overflow_Exploit_3026233.php http://osvdb.org/59261 http://www.securitytracker.com/id?1023075 http://secunia.com/advisories/37134 http://www.vupen.com/english/advisories/2009/3026 XForce ISS Database: pegasus-pop3-bo(53933) https://exchange.xforce.ibmcloud.com/vulnerabilities/53933
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.