Computer Security
[EN] securityvulns.ru no-pyccku


MailEnable SMTP server DoS conditions
Published:14.09.2010
Source:
SecurityVulns ID:11141
Type:remote
Threat Level:
5/10
Description:Uninitialized memory reference during logging on MAIL FROM / RCPT TO commands.
Affected:MAILENABLE : MailEnable 4.25
CVE:CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain name in the RCPT TO command, which triggers an "unhandled invalid parameter error.")
Original documentdocumentSECUNIA, Secunia Research: MailEnable SMTP Service Two Denial of Service Vulnerabilities (14.09.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod