This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.
The remote mail server is prone to denial of service attacks.
The SMTP service (MESMTPC.exe) included with the version of
MailEnable on the remote host reportedly does not properly check the
length of either the email address used in a 'MAIL FROM' command or
the domain name in a 'RCPT TO' command before using it in a log
A malicious attacker may be able to leverage these issues to trigger
an unhandled invalid parameter error and cause the affected SMTP
service to crash.
See also :
Either apply Hotfix ME-10044 or upgrade to MailEnable 4.26 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true