The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mailenable_enterprise | Mailenable | 1.00 (including) | 1.00 (including) |
| Mailenable_enterprise | Mailenable | 1.01 (including) | 1.01 (including) |
| Mailenable_enterprise | Mailenable | 1.02 (including) | 1.02 (including) |
| Mailenable_enterprise | Mailenable | 1.03 (including) | 1.03 (including) |
| Mailenable_enterprise | Mailenable | 1.04 (including) | 1.04 (including) |
| Mailenable_professional | Mailenable | 1.5 (including) | 1.5 (including) |
| Mailenable_professional | Mailenable | 1.51 (including) | 1.51 (including) |
| Mailenable_professional | Mailenable | 1.52 (including) | 1.52 (including) |
| Mailenable_professional | Mailenable | 1.53 (including) | 1.53 (including) |
| Mailenable_professional | Mailenable | 1.54 (including) | 1.54 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=111273637518494\u0026w=2
- http://secunia.com/advisories/14812
- http://securitytracker.com/id?1013637
- http://www.mailenable.com/hotfix/
- http://www.osvdb.org/15232
- http://www.securiteam.com/windowsntfocus/5HP031PFFG.html
- http://www.securityfocus.com/bid/12994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19948
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19973
- http://marc.info/?l=bugtraq\u0026m=111273637518494\u0026w=2
- http://secunia.com/advisories/14812
- http://securitytracker.com/id?1013637
- http://www.mailenable.com/hotfix/
- http://www.osvdb.org/15232
- http://www.securiteam.com/windowsntfocus/5HP031PFFG.html
- http://www.securityfocus.com/bid/12994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19948
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19973