NASLDB: MDaemon IMAP Server FETCH Command Remote Buffer Overflow
General
ID: 31640
Name: MDaemon IMAP Server FETCH Command Remote Buffer Overflow
Summary: Checks version in MDaemon
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: 25
Family: Windows
Type: Remote
Description
The remote host is running Alt-N MDaemon, a mail server for Windows.
According to its banner, the version of MDaemon installed on the
remote host contains a stack-based buffer overflow in its IMAP server
component that can be triggered via a FETCH command with a long BODY
data item. An authenticated, remote attacker may be able to leverage
this issue to crash the affected service or execute arbitrary code
subject to the privileges under which the service operates.
Note that MDaemon by default runs as a service with SYSTEM privileges
under Windows, so successful exploitation could result in a complete
compromise of the affected system.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2008-1358
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2008/03/21
Plugin
Version: 1.16
Filename: mdaemon_965.nasl
Filesize: 6131 bytes
MD5 Hash: 179ad9ff23ef38a219430e9acf2a5087
Identification: –
Require Keys: –
Dependencies: "smtpserver_detect.nasl", "popserver_detect.nasl", "imap4_banner.nasl", "doublecheck_std_services.nasl"
Copyright: This script is Copyright © 2008-2011 Tenable Network Security, Inc.