POP3.Server.PASS.Command.Buffer.Overflow

Description

This indicates a possible attempt to exploit a buffer overrun vulnerability in the BVRP SLMail server software.
SLMail Pro is a web-based POP3 and SMTP email server for Microsoft Windows NT/2000/2003. The vulnerability occurs in the POP3 server and is caused by insufficient bounds checking of the user-supplied password during authentication. A remote attacker can cause a buffer overflow by sending a password more than 2600 bytes in length, and as a result may be able to execute arbitrary code on the system.
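As an added detection example (not the signature's own logic and not vendor code), the sketch below scans reassembled client-to-server POP3 bytes and flags PASS arguments longer than the 2600 bytes named above, including commands that are split across segments or never terminated. The class and function names are hypothetical, and the 255-octet command-line limit from RFC 2449 is an assumption brought in as a lower-severity check.

```python
OVERFLOW_LEN = 2600  # password length named in the description above
RFC_MAX_LINE = 255   # RFC 2449 command-line limit, CRLF included (assumption)


class PassLengthMonitor:
    """Hypothetical per-connection scanner for client-to-server POP3 bytes."""

    def __init__(self):
        self.buf = b""
        self.skipping = False  # discarding the tail of an oversized line
        self.alerts = []

    def feed(self, segment):
        self.buf += segment
        while b"\n" in self.buf:
            line, self.buf = self.buf.split(b"\n", 1)
            if self.skipping:
                self.skipping = False  # end of the line already handled
            else:
                self._check(line.rstrip(b"\r"))
        # An overlong command may never be terminated, so also inspect the
        # partial line once it can hold "PASS " plus OVERFLOW_LEN bytes.
        if not self.skipping and len(self.buf) > OVERFLOW_LEN + len(b"PASS "):
            self._check(self.buf)
            self.skipping = True
        if self.skipping:
            self.buf = b""  # keeps memory per connection bounded
        return self.alerts

    def _check(self, line):
        verb, _, arg = line.partition(b" ")
        if verb.upper() != b"PASS":
            return
        if len(arg) > OVERFLOW_LEN:
            self.alerts.append(("overflow-length", len(arg)))
        elif len(line) + 2 > RFC_MAX_LINE:
            self.alerts.append(("exceeds-rfc2449", len(arg)))


def scan(segments):
    monitor = PassLengthMonitor()
    for seg in segments:
        monitor.feed(seg)
    return monitor.alerts


# Constructed samples: a normal login, then an unterminated PASS of filler bytes.
NORMAL = [b"USER bob\r\nPA", b"SS hunter2\r\n"]
OVERSIZED = [b"PASS " + b"A" * 995, b"A" * 1000, b"A" * 1000, b"AAAA\r\nQUIT\r\n"]
```

Use one monitor instance per TCP connection and feed it only the client-to-server direction, so server responses are never parsed as commands.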

Affected Products

BVRP Software SLMail 5.1.0.4420 and earlier.

Impact

System compromise, arbitrary code execution.

Recommended Actions

Upgrade to BVRP Software SLMail 5.5 or later.

Coverage

IPS (Regular DB)
IPS (Extended DB)