This host is running WorldMail IMAP Server and prone to buffer overflow vulnerability.

Successful exploitation may allow remote attackers to execute arbitrary code within the context of the application or cause a denial of service condition. Impact Level: System/Application

Upgrade to Eudora WorldMail Server version 4.0 or later. For updates refer to http://www.eudora.com/worldmail/

The flaw is due to a boundary error when processing user supplied IMAP commands. This can be exploited to cause a stack-based overflow via a long string containing a '}' character.

Eudora WorldMail Server 3.0

• http://osvdb.org/22097
• http://secunia.com/advisories/17640
• http://securitytracker.com/id/1015391
• http://www.exploit-db.com/exploits/18354
• http://www.idefense.com/intelligence/vulnerabilities/display.php?id=359

---

Updated on 2015-03-25