Computer Security
[EN] no-pyccku

MailEnable SMTP server DoS conditions
SecurityVulns ID:11141
Threat Level:
Description:Uninitialized memory reference during logging on MAIL FROM / RCPT TO commands.
Affected:MAILENABLE : MailEnable 4.25
CVE:CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain name in the RCPT TO command, which triggers an "unhandled invalid parameter error.")
Original documentdocumentSECUNIA, Secunia Research: MailEnable SMTP Service Two Denial of Service Vulnerabilities (14.09.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod