This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.
The remote mail server is prone to denial of service attacks.
The SMTP service (MESMTPC.exe) included with the version of
MailEnable on the remote host reportedly does not properly check the
length of either the email address used in a 'MAIL FROM' command or
the domain name in a 'RCPT TO' command before using it in a log
A malicious attacker may be able to leverage these issues to trigger
an unhandled invalid parameter error and cause the affected SMTP
service to crash.
See also :
Either apply Hotfix ME-10044 or upgrade to MailEnable 4.26 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true
Family: SMTP problems
Nessus Plugin ID: 49284 (mailenable_me_10044.nasl)
Bugtraq ID: 43182
CVE ID: CVE-2010-2580
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.