IMail Host: Header Field Handling Remote Overflow
Medium Nessus Plugin ID 10496
SynopsisThe remote web server is affected by a denial of service vulnerability.
DescriptionThe remote web server crashes when it is issued a too long argument to the 'Host:' field of an HTTP request.
An attacker may use this flaw to either completely prevent this host from serving web pages to the world, or to make it die by crashing several threads of the web server until the complete exhaustion of this host memory
SolutionUpgrade to IMail 6.0.4 or later, as this reportedly fixes the issue.