IMail Host: Header Field Handling Remote Overflow

Medium Nessus Plugin ID 10496


The remote web server is affected by a denial of service vulnerability.


The remote web server crashes when it is issued a too long argument to the 'Host:' field of an HTTP request.

An attacker may use this flaw to either completely prevent this host from serving web pages to the world, or to make it die by crashing several threads of the web server until the complete exhaustion of this host memory


Upgrade to IMail 6.0.4 or later, as this reportedly fixes the issue.

See Also

Plugin Details

Severity: Medium

ID: 10496

File Name: imail_host_overflow.nasl

Version: $Revision: 1.27 $

Type: remote

Family: Web Servers

Published: 2000/08/24

Modified: 2014/07/14

Dependencies: 10107

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Vulnerability Publication Date: 2000/08/17

Reference Information

CVE: CVE-2000-0825

BID: 2011

OSVDB: 395