ID CVE-2008-1275
Summary Multiple unspecified vulnerabilities in the SMTP service in MailEnable Standard Edition 1.x, Professional Edition 3.x and earlier, and Enterprise Edition 3.x and earlier allow remote attackers to cause a denial of service (crash) via crafted (1) EXPN or (2) VRFY commands.
References
Vulnerable Configurations
  • cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*
    cpe:2.3:a:mailenable:mailenable_enterprise:*:*:*:*:*:*:*:*
  • cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*
    cpe:2.3:a:mailenable:mailenable_professional:*:*:*:*:*:*:*:*
  • cpe:2.3:a:mailenable:mailenable_standard:*:*:*:*:*:*:*:*
    cpe:2.3:a:mailenable:mailenable_standard:*:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 28154
confirm http://www.mailenable.com/hotfix/
exploit-db 5235
secunia 29300
vupen ADV-2008-0800
xf mailenable-expn-vrfy-dos(41083)
Last major update 29-09-2017 - 01:30
Published 10-03-2008 - 23:44
Last modified 29-09-2017 - 01:30
Back to Top