Info

Disclosure

Sep 09, 2004

Discovery

Sep 09, 2004

Dates

Exploit

Sep 09, 2004

Solution

Unknown

Description

The MailEnable SMTP server contains a flaw that may allow a remote denial of service. The issue is triggered when a DNS response with more than 100 MX records is returned, and will result in loss of availability for the service.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, MailEnable has released a patch to address this vulnerability.

Products

MailEnable Pty. Ltd.	Professional SMTP Server	1.2x
		1.1x
		1.5a
		1.5b
		1.5c
		1.5d

References

Security Tracker: 1011198
Related OSVDB ID: 10728
Bugtraq ID: 11144
Secunia Advisory ID: 12493 12815
ISS X-Force ID: 17305
Vendor URL: http://www.mailenable.com/
Vendor Specific Solution URL: http://www.mailenable.com/hotfix/MEW2KDNS.zip
Vendor Specific News/Changelog Entry: http://www.mailenable.com/professionalhistory.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

MailEnable Pty. Ltd.

Professional SMTP Server

References

Credit