Описание
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3277
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27387
- http://secunia.com/advisories/20790
- http://securitytracker.com/id?1016376
- http://www.divisionbyzero.be/?p=173
- http://www.divisionbyzero.be/?p=174
- http://www.mailenable.com/hotfix/mesmtpc.zip
- http://www.osvdb.org/26791
- http://www.securityfocus.com/archive/1/438374/100/0/threaded
- http://www.securityfocus.com/bid/18630
- http://www.vupen.com/english/advisories/2006/2520
EPSS
CVE ID
Связанные уязвимости
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.
EPSS