Courier Mail Server < 0.50.1 SPF Data Lookup Remote DoS
Low Nessus Network Monitor Plugin ID 3048
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack.
DescriptionThe remote host is running Courier Mail Server, an open source mail server for Linux and Unix. The installed version of Courier is prone to a remote denial of service vulnerability associated with Sender Policy Framework (SPF) data lookups. To exploit this flaw, an attacker would need to control a DNS server and return malicious SPF records in response to queries from the affected application.
SolutionUpgrade to version 0.50.1 or higher.