According to its banner, the remote MailEnable is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issue to crash the affected application, denying service to legitimate users. MailEnable 4.25 Standard Edition, Professional Edition, and Enterprise Edition are vulnerable other versions may also be affected.
The vendor has released hotfix ME-10044. Please see the references for more information.
- Postfix SMTP Server Cyrus SASL Support Memory Corruption Vulnerability
- Mail relaying
- Code-Crafters Ability Mail Server IMAP FETCH Request Remote Denial Of Service Vulnerability
- MailEnable SMTP HELO Command Denial of Service Vulnerability
- Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability