SynopsisThe remote mail server is vulnerable to a denial of service attack.
DescriptionThe remote host is running Courier Mail Server, an open source mail server for Linux and Unix.
According to its banner, the installed version of Courier is prone to a remote denial of service vulnerability triggered when doing Sender Policy Framework (SPF) data lookups. To exploit this flaw, an attacker would need to control a DNS server and return malicious SPF records in response to queries from the affected application.
SolutionUpgrade to Courier version 0.50.1 or later.