MailScanner Infinite Loop Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with MailScanner and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will let the attacker execute arbitrary codes in a crafted message and it can lead to system crash through high CPU resources. Impact Level: Application

Solution

Upgrade to the latest MailScanner version 4.73.3-1 http://www.mailscanner.info/downloads.html

Insight

This error is due to an issue in 'Clean' Function in message.pm.

Affected

MailScanner version prior to 4.73.3-1 on all Linux platforms.

References

http://osvdb.org/show/osvdb/50268
http://secunia.com/Advisories/32915

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 9.0
AV:N/AC:L/Au:N/C:P/I:P/A:C

Related Vulnerabilities

Asterisk IAX2 Call Number Exhaustion DOS Vulnerability (Linux)
Avast! Zoo Denial of Service Vulnerability
Apache 'mod_proxy_http.c' Denial Of Service Vulnerability
FlashGet FTP PWD Response Remote Buffer Overflow Vulnerability
Adobe Reader '.ETD File' Denial of Service Vulnerability (Linux)

MailScanner Infinite Loop Denial of Service Vulnerability

Take action and discover your vulnerabilities