GEN:SID | 1:2250 |
Message | POP3 USER format string attempt |
Summary | This event is generated when an attempt is made to exploit a known vulnerability in Magic Winmail Server.
|
Impact | Serious. Possible arbitrary code execution.
|
Detailed Information | The Magic Winmail Server contains a programming error such that exploitation of the USER POP3 command is possible by supplying malicious code via the USER command.
|
Affected Systems | AMAX Information Technologies Inc. Magic Winmail Server 2.3
|
Attack Scenarios | The attacker can connect to the POP3 server and use the USER command to supply the necessary code or the attacker can use the available exploit code.
|
Ease of Attack | Simple. Exploit code is available.
|
Corrective Action | Upgrade to the latest non-affected version of the software.
|
Additional References | |
Rule References | bugtraq: 10976
bugtraq: 7667
cve: 2003-0391
nessus: 11742
|