Gain a shell remotely : Magic WinMail Format string

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11742

Category: Gain a shell remotely

Title: Magic WinMail Format string

Summary: NOSUMMARY

Description: Description:

The remote Winmail POP server, according to its banner, is
vulnerable to a format string attack when processing
the USER command.

An attacker may use this flaw to execute arbitrary
code on this host.

Solution : Upgrade to version WinMail 2.4 or newer
Risk factor : High

Cross-Ref: BugTraq ID: 7667
Common Vulnerability Exposure (CVE) ID: CVE-2003-0391
Bugtraq: 20030523 Magic Winmail Server (Google Search)
http://marc.info/?l=bugtraq&m=105370528428222&w=2
http://www.magicwinmail.net/changelog.asp

Copyright This script is Copyright (C) 2003 Tenable Network Security

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.11742
Category:	Gain a shell remotely
Title:	Magic WinMail Format string
Summary:	NOSUMMARY
Description:	Description: The remote Winmail POP server, according to its banner, is vulnerable to a format string attack when processing the USER command. An attacker may use this flaw to execute arbitrary code on this host. Solution : Upgrade to version WinMail 2.4 or newer Risk factor : High
Cross-Ref:	BugTraq ID: 7667 Common Vulnerability Exposure (CVE) ID: CVE-2003-0391 Bugtraq: 20030523 Magic Winmail Server (Google Search) http://marc.info/?l=bugtraq&m=105370528428222&w=2 http://www.magicwinmail.net/changelog.asp
Copyright	This script is Copyright (C) 2003 Tenable Network Security