DeepOfix versions 3.3 and below suffer from an SMTP server authentication bypass vulnerability due to an LDAP issue.
An Attacker could login in the SMTP server knowing only the username of one user in the server and he could sends emails. One important thing is that the user 'admin' always exists in the server.
Ask the vendor for an Update or disable 'anonymous LDAP bind' in your LDAP server.
The vulnerability allows an attacker to bypass the authentication in the SMTP server to send emails. The problem is that the SMTP server performs authentication against LDAP by default, and the service does not check that the password is null if this Base64. This creates a connection 'anonymous' but with a user account without entering the password.
DeepOfix 3.3 and below are vulnerable.
Try to bypass authentication for the user 'admin'
Updated on 2015-03-25
- Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
- poprelayd & sendmail authentication problem
- Microsoft Windows SMTP Server DNS spoofing vulnerability
- Postfix SMTP Server Cyrus SASL Support Memory Corruption Vulnerability
- MailEnable SMTP HELO Command Denial of Service Vulnerability