Intrusion Prevention

POP3.Invalid.Message.Number

Description

This indicates that a client has tried to retrieve a message from a POP server with a number higher than 65535. This is an indication of a buffer-overflow or denial-of-service attack.

Affected Products

Any unprotected POP server is vulnerable to the attack.

Impact

This is a protocol anomaly. Attackers may be able to execute arbitary commands on the victim system or launch a DoS attack.

Recommended Actions

This indicates detection of traffic that does not comply with the protocol standard. Monitor the traffic from that network for any suspicious activity.

Coverage

IPS (Regular DB)
IPS (Extended DB)

ID	109248519
Created	Sep 11, 2006
Updated	Apr 23, 2014
Risk
Default Action	Unavailable
Active

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

POP3.Invalid.Message.Number

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

POP3.Invalid.Message.Number

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Threat Intelligence
Center