MailScanner Infinite Loop Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with MailScanner and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will let the attacker execute arbitrary codes in a crafted message and it can lead to system crash through high CPU resources. Impact Level: Application

Solution

Upgrade to the latest MailScanner version 4.73.3-1 http://www.mailscanner.info/downloads.html

Insight

This error is due to an issue in 'Clean' Function in message.pm.

Affected

MailScanner version prior to 4.73.3-1 on all Linux platforms.

References

http://osvdb.org/show/osvdb/50268
http://secunia.com/Advisories/32915

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 9.0 AV:N/AC:L/Au:N/C:P/I:P/A:C

Related Vulnerabilities

Checkpoint Firewall-1 UDP denial of service
7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
7-Zip Unspecified Archive Handling Vulnerability (Linux)
Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Linux)
Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability

MailScanner Infinite Loop Denial of Service Vulnerability

Take action and discover your vulnerabilities