VID | 18102 |
Severity | 40 |
Port | 110 |
Protocol | TCP |
Class | POP3 |
Detailed Description |
A version of the Alt-N MDaemon POP3 server older than 9.0.6 was detected running on the host. Alt-N MDaemon is an SMTP/POP/IMAP server for Microsoft Windows operating systems. MDaemon versions prior to 9.0.6 contain a heap-based buffer overflow in the 'USER' and 'APOP' command processing of the POP3 server. The overflow can be triggered by supplying a long string containing '@' characters to the USER or APOP command. A remote, authenticated attacker could exploit this vulnerability to crash the application or execute arbitrary code on the system with the privileges of the POP3 service.
* Note: This check relies solely on the banner of the remote POP3 server to assess this vulnerability, so the result may be a false positive.
* References:
  http://files.altn.com/MDaemon/Release/RelNotes_en.txt
  http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-08-04
  http://www.securityfocus.com/archive/1/444015/30/0/threaded
  http://secunia.com/advisories/21595
  http://www.milw0rm.com/exploits/2245
  http://securitytracker.com/id?1016729
* Platforms Affected: Alt-N Technologies, Inc., MDaemon versions prior to 9.0.6; Microsoft Windows, any version |
Recommendation |
Upgrade to the latest version of MDaemon (9.0.6 or later), available from the Alt-N Technologies Web site at http://www.altn.com/download/default.asp?product_id=MDaemon |
Related URL | CVE-2006-4364 (CVE) |
Related URL | 19651 (SecurityFocus) |
Related URL | 28517 (ISS) |