Family: CGI abuses --> Category: denial
MailEnable HTTPMail Service Authorization Header DoS Vulnerability Scan
Vulnerability Scan Summary
Checks for authorization header DoS vulnerability in MailEnable HTTPMail service
Detailed Explanation for this Vulnerability Test
The remote web server is affected by a denial of service flaw.
The remote host is running an instance of MailEnable that has a flaw
in the HTTPMail service (MEHTTPS.exe) in the Professional and
Enterprise Editions. The flaw can be exploited by issuing an HTTP
request with a malformed Authorization header, which causes a NULL
pointer dereference error and crashes the HTTPMail service.
Solution :
Upgrade to MailEnable Professional / Enterprise 1.19 or later.
Risk factor :
Medium / CVSS Base Score : 4