Summary
The host is running NoticeWare Email Server, which is prone to denial of service vulnerability.
Impact
Remote attackers can crash or deny the service by executing long LOGIN string.
Impact Level : Application
Solution
Upgrade to Noticeware Email Server 5.1,
http://www.noticeware.com/downloads.htm
Insight
Security flaw is due to improper bounds checking of the user supplied data to imap LOGIN command (Long string of 5000 characters on tcp/143).
Affected
Noticeware Email Server 4.6.3 and prior on Windows (All).
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-3607 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- FreeSWITCH 'switch_regex.c' Multiple Buffer Overflow Vulnerabilities
- Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability
- FreeRADIUS Tunnel-Password Denial Of Service Vulnerability
- Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability
- ClamAV Remote Denial of Service Vulnerability