MailEnable SMTP HELO Command Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running MailEnable and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow remote attackers to crash the service by sending HELO command with specially crafted arguments. Impact Level: Application

Solution

Upgrade MailEnable version 6 or later, For updates refer to http://www.mailenable.com/

Insight

MailEnable SMTP service fails to handle the HELO command. This can be exploited to crash the service via a HELO command with specially crafted arguments.

Affected

MailEnable Standard version 1.92 and prior MailEnable Enterprise version 2.0 and prior MailEnable Professional version 2.0 and prior

References

http://secunia.com/advisories/20790
http://securitytracker.com/id?1016376
http://www.mailenable.com/
http://www.mailenable.com/hotfix/default.asp
http://xforce.iss.net/xforce/xfdb/27387

Updated on 2015-03-25

Severity

Classification

CVE CVE-2006-3277

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

DeepOfix SMTP Authentication Bypass
Microsoft Windows SMTP Server DNS spoofing vulnerability
Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
Code-Crafters Ability Mail Server IMAP FETCH Request Remote Denial Of Service Vulnerability
Sendmail mail.local DOS

MailEnable SMTP HELO Command Denial of Service Vulnerability

Take action and discover your vulnerabilities