Intrusion PreventionPOP3.Invalid.Message.Number
Description
This indicates that a client has tried to retrieve a message from a POP server with a number higher than 65535. This is an indication of a buffer-overflow or denial-of-service attack.
Affected Products
Any unprotected POP server is vulnerable to the attack.
Impact
This is a protocol anomaly. Attackers may be able to execute arbitary commands on the victim system or launch a DoS attack.
Recommended Actions
This indicates detection of traffic that does not comply with the protocol standard. Monitor the traffic from that network for any suspicious activity.
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 109248519 |
| Created | Sep 11, 2006 |
| Updated | Apr 23, 2014 |
| Risk |
|
| Default Action | Unavailable |
| Active | |
| Profile Type | Buffer Errors |