Computer Security

MailEnable SMTP server DoS conditions
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



MailEnable SMTP server DoS conditions
Published:14.09.2010
Source:BUGTRAQ
SecurityVulns ID:11141
Type:remote
Level:5/10
Description:Uninitialized memory reference during logging on MAIL FROM / RCPT TO commands.
Affected:MAILENABLE : MailEnable 4.25
CVE:CVE-2010-2580 (The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, which allows remote attackers to cause a denial of service (crash) via a long (1) email address in the MAIL FROM command, or (2) domain name in the RCPT TO command, which triggers an "unhandled invalid parameter error.")
Original documentdocumentSECUNIA, Secunia Research: MailEnable SMTP Service Two Denial of Service Vulnerabilities (14.09.2010)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru