MailEnable SMTP Service Denial of Service Vulnerabilities (ME-10044)
Medium Nessus Plugin ID 49284
The remote mail server is prone to denial of service attacks.
The SMTP service (MESMTPC.exe) included with the version of MailEnable on the remote host reportedly does not properly check the length of either the email address used in a 'MAIL FROM' command or the domain name in a 'RCPT TO' command before using it in a log message. A malicious attacker may be able to leverage these issues to trigger an unhandled invalid parameter error and cause the affected SMTP service to crash.
Either apply Hotfix ME-10044 or upgrade to MailEnable 4.26 or later.