| VID |
18099 |
| Severity |
20 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
The MailEnable Webmail service, according to its banner, has a denial of service vulnerability via the quoted-printable emails. MailEnable is a commercial mail server for Microsoft Windows platforms. MailEnable Enterprise Edition version 1.1 and earlier versions are vulnerable to a denial of service attack, caused due to an unspecified error within the webmail component. A remote attacker could exploit this vulnerability to consume all available CPU resources when a specially formatted quoted-printable email is viewed.
* Note: This check solely relied on the banner of the remote SMTP server to assess this vulnerability, so this might be a False Positive.
* References:
http://www.mailenable.com/enterprisehistory.asp
http://secunia.com/advisories/18716/
* Platforms Affected:
MailEnable Enterprise Edition version 1.1 and earlier versions
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of MailEnable Enterprise Edition (1.2 or later), available from the MailEnable Download Web site at http://www.mailenable.com/download.asp |
| Related URL |
CVE-2006-0504 (CVE) |
| Related URL |
16525 (SecurityFocus) |
| Related URL |
24517 (ISS) |
|
