Lucene search

[email protected]CVE-1999-1265

HistorySep 22, 1998 - 4:00 a.m.

CVE-1999-1265

1998-09-2204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-1265

slmail

smtp server

dos attack

security vulnerability

7.7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a “(” (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO.

CPENameOperatorVersion
seatle_lab_software:slmailseatle lab software slmaille3.1

CPE	Name	Operator	Version
seatle_lab_software:slmail	seatle lab software slmail	le	3.1

References

marc.info/?l=bugtraq&m=90649892424117&w=2

marc.info/?l=ntbugtraq&m=90650438826447&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/1664

7.7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON