Intrusion Prevention

POP3.Server.USER.Command.Buffer.Overflow

Description

Multiple heap-based buffer overflows, in the POP3 server in Alt-N Technologies MDaemon, allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings in the (1) USER and (2) APOP commands.

Affected Products

Alt-N MDaemon 9.0
Alt-N MDaemon 8.1.3 and before

Impact

This vulnerability may lead to a DoS or arbitrary code execution on server.

Recommended Actions

The vendor has fixed this issue,please update your server now.

CVE References

CVE-2006-4364