PT-2026-20539 · Unknown · Mailcarrier

Published 2026-02-18 · Updated 2026-02-18 · CVE-2019-25364

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: MailCarrier version 2.51

Description: MailCarrier 2.51 has a buffer overflow issue in the POP3 USER command. Remote attackers can exploit this by sending a specially crafted, oversized buffer to the POP3 service. This can overwrite memory and potentially allow for remote system access. The vulnerable command is POP3 USER. The vulnerable parameter is the buffer sent with the USER command.

Recommendations: Update MailCarrier to a version that addresses this issue. As a temporary workaround, consider disabling the POP3 service if it is not essential.

Exploit

Fix

Stack Overflow

Weakness Enumeration

Related Identifiers

CVE-2019-25364

Affected Products

Mailcarrier