|
|
Family: Denial of Service --> Category: infos
MailEnable SMTP Connector Service SPF Record Denial of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks version of MailEnable's MESMTPC.exe
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote SMTP server is affected by a denial of service flaw.
Description :
The remote host is running MailEnable, a commercial mail server for
Windows.
The SMTP server bundled with the version of MailEnable installed on
the remote host reportedly suffers from a flaw in which SPF lookups
for domains with large records may result in a null pointer exception
in the SMTP service. An unauthenticated remote attacker may be able
to exploit this issue to crash the affected service.
See also :
http://www.mailenable.com/hotfix/
Solution :
Apply Hotfix ME-10014.
Threat Level:
Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:N/I:N/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
