|
MailEnable SMTP Service EXPN/VRFY Denial of Service |
|
|
|
|
Written by Marcelo Almeida (Vympel)
|
|
Tuesday, 11 March 2008 |
A vulnerability has been reported in MailEnable, which potentially can
be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an unspecified error within the SMTP
service when handling EXPN or VRFY commands. This can be exploited to
cause the service to crash via a specially crafted EXPN or VRFY command...
The vulnerability reportedly affects all versions.
Solution:
Apply hotfix (ME-10039).
http://www.mailenable.com/hotfix/ME-10039.EXE
Provided and/or discovered by:
Reported by the vendor.
Original Advisory:
http://secunia.com/advisories/29300/
http://www.mailenable.com/hotfix/
Powered by a Zone-H(ified) version of AkoComment 3.0!
DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice. |
