
Test ID: 1.3.6.1.4.1.25623.1.0.10047
Category: SMTP problems
Title: CMail's MAIL FROM overflow
Summary: NOSUMMARY
Description:

There seems to be a buffer overflow in the remote SMTP server
when the server is issued an overly long argument to the 'MAIL FROM'
command, such as:

MAIL FROM: AAA[...]AAA@nessus.org

Where AAA[...]AAA contains more than 8000 'A's.

This problem may allow an attacker to prevent this host
from acting as a mail host and may even allow him to execute
arbitrary code on this system.


Solution : Contact your vendor for a patch

Risk factor : High

Cross-Ref: BugTraq ID: 633
Common Vulnerability Exposure (CVE) ID: CVE-1999-1521
http://www.securityfocus.com/bid/633
Bugtraq: 19990729 Vulnerability in CMail SMTP Server Version 2.4: Remotely exploitable buffer
http://marc.info/?l=bugtraq&m=94121824921783&w=2
Bugtraq: 19990912 Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug
http://marc.info/?l=bugtraq&m=93720402717560&w=2
XForce ISS Database: cmail-command-bo(2240)
https://exchange.xforce.ibmcloud.com/vulnerabilities/2240
Copyright: This script is Copyright (C) 1999 Renaud Deraison





© 1998-2021 E-Soft Inc. All rights reserved.