MailEnable SMTP Malformed EHLO Request Denial Of Service Vulnerability
BID:12994
Info
MailEnable SMTP Malformed EHLO Request Denial Of Service Vulnerability
| Bugtraq ID: | 12994 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2005-1013 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 04 2005 12:00AM |
| Updated: | Jul 12 2009 11:56AM |
| Credit: | This issue was discovered by CorryL <[email protected]>. |
| Vulnerable: |
MailEnable MailEnable Professional 1.54 MailEnable MailEnable Professional 1.53 MailEnable MailEnable Professional 1.52 MailEnable MailEnable Professional 1.51 MailEnable MailEnable Professional 1.5 MailEnable MailEnable Enterprise Edition 1.0 4 MailEnable MailEnable Enterprise Edition 1.0 3 MailEnable MailEnable Enterprise Edition 1.0 2 MailEnable MailEnable Enterprise Edition 1.0 1 MailEnable MailEnable Enterprise Edition 1.0 |
| Not Vulnerable: | |
Discussion
MailEnable SMTP Malformed EHLO Request Denial Of Service Vulnerability
MailEnable is prone to a vulnerability that may allow remote attackers to crash the SMTP service. The issue arises when the server handles a malformed EHLO request.
This vulnerability is reported to affect all unpatched versions of MailEnable Enterprise Edition and MailEnable Professional 1.5 and later.
MailEnable is prone to a vulnerability that may allow remote attackers to crash the SMTP service. The issue arises when the server handles a malformed EHLO request.
This vulnerability is reported to affect all unpatched versions of MailEnable Enterprise Edition and MailEnable Professional 1.5 and later.
Exploit / POC
MailEnable SMTP Malformed EHLO Request Denial Of Service Vulnerability
An exploit is not required.
The following proof of concept is available:
An exploit is not required.
The following proof of concept is available:
Solution / Fix
MailEnable SMTP Malformed EHLO Request Denial Of Service Vulnerability
Solution:
A hot fix has been released to address this issue.
MailEnable MailEnable Enterprise Edition 1.0 2
MailEnable MailEnable Enterprise Edition 1.0
MailEnable MailEnable Enterprise Edition 1.0 1
MailEnable MailEnable Enterprise Edition 1.0 3
MailEnable MailEnable Enterprise Edition 1.0 4
MailEnable MailEnable Professional 1.5
MailEnable MailEnable Professional 1.51
MailEnable MailEnable Professional 1.52
MailEnable MailEnable Professional 1.53
MailEnable MailEnable Professional 1.54
Solution:
A hot fix has been released to address this issue.
MailEnable MailEnable Enterprise Edition 1.0 2
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Enterprise Edition 1.0
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Enterprise Edition 1.0 1
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Enterprise Edition 1.0 3
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Enterprise Edition 1.0 4
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Professional 1.5
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Professional 1.51
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Professional 1.52
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Professional 1.53
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
MailEnable MailEnable Professional 1.54
-
MailEnable MEIMSM-HF050404.zip
http://www.mailenable.com/hotfix/MEIMSM-HF050404.zip
References
MailEnable SMTP Malformed EHLO Request Denial Of Service Vulnerability
References:
References:
- MailEnable Homepage (MailEnable)
- MailEnable Hotfix Page (MailEnable)