GFI MailEssentials and MailSecurity HTML Email Remote Denial of Service Vulnerability
BID:12148
Info
GFI MailEssentials and MailSecurity HTML Email Remote Denial of Service Vulnerability
| Bugtraq ID: | 12148 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2004-1312 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 03 2005 12:00AM |
| Updated: | Jul 12 2009 09:26AM |
| Credit: | Discovery is credited to CSIS. |
| Vulnerable: |
GFI MailSecurity for Exchange/SMTP 8.0 GFI MailEssentials for Exchange/SMTP 10.1 GFI MailEssentials for Exchange/SMTP 10.0 GFI MailEssentials for Exchange/SMTP 9.0 |
| Not Vulnerable: | |
Discussion
GFI MailEssentials and MailSecurity HTML Email Remote Denial of Service Vulnerability
GFI MailEssentials and MailSecurity are prone to a remote denial of service vulnerability. This issue occurs when a specifically malformed HTML email message is processed. Rebooting the server or restarting the service will not resolve the issue.
GFI MailEssentials and MailSecurity are prone to a remote denial of service vulnerability. This issue occurs when a specifically malformed HTML email message is processed. Rebooting the server or restarting the service will not resolve the issue.
Exploit / POC
GFI MailEssentials and MailSecurity HTML Email Remote Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
GFI MailEssentials and MailSecurity HTML Email Remote Denial of Service Vulnerability
Solution:
GFI has released fixes for this issue:
GFI MailEssentials for Exchange/SMTP 10.0
GFI MailEssentials for Exchange/SMTP 10.1
GFI MailSecurity for Exchange/SMTP 8.0
GFI MailEssentials for Exchange/SMTP 9.0
Solution:
GFI has released fixes for this issue:
GFI MailEssentials for Exchange/SMTP 10.0
-
GFI ME10_PATCH_20041220_01.zip
ftp://ftp.gfi.com/patches/ME10_PATCH_20041220_01.zip
GFI MailEssentials for Exchange/SMTP 10.1
-
GFI ME10_PATCH_20041220_01.zip
ftp://ftp.gfi.com/patches/ME10_PATCH_20041220_01.zip
GFI MailSecurity for Exchange/SMTP 8.0
-
GFI MSEC8_PATCH_20041220_01.zip
ftp://ftp.gfi.com/patches/MSEC8_PATCH_20041220_01.zip
GFI MailEssentials for Exchange/SMTP 9.0
-
GFI me9_PATCH_20041220_01.zip
ftp://ftp.gfi.com/patches/me9_PATCH_20041220_01.zip
References
GFI MailEssentials and MailSecurity HTML Email Remote Denial of Service Vulnerability
References:
References: