13 matches found
Exim < 4.96.2 Multiple Vulnerabilities
According to its banner, the version of Exim running on the remote host is prior to 4.96.2. It is, therefore, potentially affected by multiple vulnerabilities:
- Improper Neutralization of Special Elements (CVE-2023-42117)
- dnsdb Out-Of-Bounds Read (CVE-2023-42119)

Note that Nessus has not tested fo...
SUSE CVE-2003-0852
Format string vulnerability in sendmessage.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service crash in sylpheed via format strings in an error message...
Kerio Connect < 7.0.0 Products Administration Console File Disclosure and Corruption Vulnerabilities
According to its banner, the remote host is running a version of Kerio Connect (or Kerio MailServer, as it was formerly known) prior to 7.0.0. Successful exploitation of remote file disclosure and corruption vulnerabilities in the administration console of such versions could allow an attacker to...
Kerio MailServer < 6.5.0 Multiple Vulnerabilities
The remote host is running Kerio MailServer, a commercial mail server available for Windows, Linux, and Mac OS X platforms. According to its banner, the installed version of Kerio MailServer is affected by several issues:
- There is a possible buffer overflow in the Visnetic antivirus plug-in.
-...
Smail-3 < 3.2.0.121 Multiple Vulnerabilities
According to its banner, the remote host is running S-mail version 3.2.0.120 or older as its mail server. Such versions contain various vulnerabilities that may allow an unauthenticated attacker to execute arbitrary code on the remote host by exploiting a heap overflow by sending a malformed argumen...
SmarterTools SmarterMail Attachment Upload XSS
There are flaws in the remote SmarterMail, a web mail interface. This version of SmarterMail is affected by a cross-site scripting issue. An attacker, exploiting this flaw, would be able to steal user credentials.
smtpscan SMTP Fingerprinting
smtpscan is an SMTP fingerprinting tool written by Julien Bordet. It identifies the remote mail server even if the banners were changed. This NASL script is a quick and dirty conversion of smtpscan by Julien Bordet. Note that smtpscan has more features than this simp...
Lotus Domino SMTP MAIL FROM Command Remote Overflow
The remote Lotus Domino SMTP server is affected by a buffer overflow vulnerability that can be triggered by an overly long argument to the 'MAIL FROM' command. This problem may allow an attacker to crash the mail server or even allow the execution of arbitrary code on this system.
CMail MAIL FROM Command Remote Overflow
The remote host appears to be running a vulnerable version of CMail. Issuing a long argument to the 'MAIL FROM' command can result in a buffer overflow. An attack would look something similar to: MAIL FROM: [email protected] Where AAA...AAA contains more than 8000 'A's. A remote attacker coul...
TFS SMTP 3.2 MAIL FROM overflow
The remote SMTP server may be affected by a buffer overflow triggered when it receives an overly long argument to the 'MAIL FROM' command. This vulnerability is reported to affect TenFour TFS SMTP and may allow an unauthenticated remote attacker to crash the service or even execute arbitrary code...
Sendmail decode Alias Arbitrary File Overwrite
The remote SMTP server seems to pipe mail sent to the 'decode' alias to a program. There have been many security problems with this in the past, as it would allow an attacker to overwrite arbitrary files on the remote server. We suggest you deactivate this alias.
Sendmail MAIL FROM Command Arbitrary Remote Command Execution
The remote SMTP server did not complain when issued the command 'MAIL FROM: |testing'. This probably means that it is possible to send mail that will be bounced to a program, which is a serious threat, since this allows anyone to execute arbitrary commands on this host. This security hole might be...
SLMail HELO Command Remote Overflow
There might be a buffer overflow when this MTA is issued the 'HELO' command with an overly long argument. This problem may allow an attacker to execute arbitrary code on this computer, subject to the privileges under which the service operates, or to deny service to legitimate users of the serve...