| VID | 18030 |
| Severity | 40 |
| Port | 110 |
| Protocol | TCP |
| Class | POP3 |
| Detailed Description |
The POP3 server appears to be subject to a buffer overflow when it is issued at least one of several POP3 commands, such as 'AUTH', 'USER', or 'PASS', with an overly long argument. This problem may allow remote attackers to execute arbitrary code or to perform a denial-of-service attack on the vulnerable system. The attack is possible because of improper bounds checking, and various POP3 implementations are affected by the problem.
Vulnerable systems:
* IPSwitch IMAIL POP3 - http://www.securiteam.com/exploits/3X5PRSAQ0G.html
* Mercur POP3 - http://www.securiteam.com/exploits/5ZP0F000HQ.html
* Rover POP3 - http://www.securiteam.com/exploits/3J5QCS0QAS.html
* ZetaMail POP3 - http://www.securiteam.com/exploits/3R5Q1SAQ0Q.html
* SmartServer3 POP3 - http://www.securiteam.com/windowsntfocus/3V5Q7QAQ0I.html
* WinSMTPD POP3 - http://www.securiteam.com/exploits/5MP0C0U2KM.html
* AnalogX POP3 - http://www.securiteam.com/exploits/5VP0X0020O.html
* Internet Anywhere POP3 - http://www.securiteam.com/windowsntfocus/3G5Q3QKPPG.html
* DynFX POPd - http://www.securiteam.com/windowsntfocus/5JP080A4KM.html
* XMail POP3 - http://www.securiteam.com/securitynews/5EP050A2KK.html
* WinProxy POP3 - http://www.securiteam.com/windowsntfocus/5NR070A1QG.html
* Artisoft XtraMail POP3 - http://www.securiteam.com/exploits/3A5Q3Q0Q0U.html
* Vpopmail POP3 - http://www.securiteam.com/exploits/5ZP0J000DQ.html

References:
* http://www.iss.net/security_center/static/6007.php
* http://www.iss.net/security_center/static/6615.php |
| Recommendation |
Disable the POP3 server if you do not use it, or contact the POP3 vendor to upgrade it to a more secure version. |
| Related URL | (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |