Lucene search

[email protected]CVE-2006-3277

HistoryJun 28, 2006 - 10:05 p.m.

CVE-2006-3277

2006-06-2822:05:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2006-3277

mailenable

smtp service

denial of service

application crash

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.114 Low

EPSS

Percentile

95.3%

JSON

The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.

Affected configurations

NVD

Node

mailenablemailenable_enterpriseRange≤1.00

mailenablemailenable_enterpriseRange≤1.01

mailenablemailenable_enterpriseRange≤1.1

mailenablemailenable_enterpriseRange≤1.2

mailenablemailenable_enterpriseRange≤1.02

mailenablemailenable_enterpriseRange≤1.03

mailenablemailenable_enterpriseRange≤1.04

mailenablemailenable_enterpriseRange≤1.21

mailenablemailenable_professionalMatch1.0.004

mailenablemailenable_professionalMatch1.0.005

mailenablemailenable_professionalMatch1.0.006

mailenablemailenable_professionalMatch1.0.007

mailenablemailenable_professionalMatch1.0.008

mailenablemailenable_professionalMatch1.0.009

mailenablemailenable_professionalMatch1.0.010

mailenablemailenable_professionalMatch1.0.011

mailenablemailenable_professionalMatch1.0.012

mailenablemailenable_professionalMatch1.0.013

mailenablemailenable_professionalMatch1.0.014

mailenablemailenable_professionalMatch1.0.015

mailenablemailenable_professionalMatch1.0.016

mailenablemailenable_professionalMatch1.0.017

mailenablemailenable_professionalMatch1.1

mailenablemailenable_professionalMatch1.2

mailenablemailenable_professionalMatch1.2a

mailenablemailenable_professionalMatch1.5

mailenablemailenable_professionalMatch1.6

mailenablemailenable_professionalMatch1.7

mailenablemailenable_professionalMatch1.8

mailenablemailenable_professionalMatch1.9

mailenablemailenable_professionalMatch1.12

mailenablemailenable_professionalMatch1.13

mailenablemailenable_professionalMatch1.14

mailenablemailenable_professionalMatch1.15

mailenablemailenable_professionalMatch1.16

mailenablemailenable_professionalMatch1.17

mailenablemailenable_professionalMatch1.18

mailenablemailenable_professionalMatch1.19

mailenablemailenable_professionalMatch1.51

mailenablemailenable_professionalMatch1.52

mailenablemailenable_professionalMatch1.53

mailenablemailenable_professionalMatch1.54

mailenablemailenable_professionalMatch1.71

mailenablemailenable_professionalMatch1.72

mailenablemailenable_professionalMatch1.73

mailenablemailenable_professionalMatch1.91

mailenablemailenable_professionalMatch1.92

mailenablemailenable_professionalMatch1.93

mailenablemailenable_professionalMatch1.101

mailenablemailenable_professionalMatch1.102

mailenablemailenable_professionalMatch1.103

mailenablemailenable_professionalMatch1.104

mailenablemailenable_professionalMatch1.105

mailenablemailenable_professionalMatch1.106

mailenablemailenable_professionalMatch1.107

mailenablemailenable_professionalMatch1.108

mailenablemailenable_professionalMatch1.109

mailenablemailenable_professionalMatch1.110

mailenablemailenable_professionalMatch1.111

mailenablemailenable_professionalMatch1.112

mailenablemailenable_professionalMatch1.113

mailenablemailenable_professionalMatch1.114

mailenablemailenable_professionalMatch1.115

mailenablemailenable_professionalMatch1.116

mailenablemailenable_professionalMatch1.610

mailenablemailenable_professionalMatch1.701

mailenablemailenable_professionalMatch1.702

mailenablemailenable_professionalMatch1.703

mailenablemailenable_professionalMatch1.704

mailenablemailenable_professionalMatch1.5015

mailenablemailenable_professionalMatch1.5016

mailenablemailenable_professionalMatch1.5017

mailenablemailenable_professionalMatch1.5018

CPENameOperatorVersion
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.00
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.01
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.1
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.2
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.02
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.03
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.04
mailenable:mailenable_enterprisemailenable mailenable enterprisele1.21
mailenable:mailenable_professionalmailenable mailenable professionaleq1.0.004
mailenable:mailenable_professionalmailenable mailenable professionaleq1.0.005

CPE	Name	Operator	Version
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.00
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.01
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.1
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.2
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.02
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.03
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.04
mailenable:mailenable_enterprise	mailenable mailenable enterprise	le	1.21
mailenable:mailenable_professional	mailenable mailenable professional	eq	1.0.004
mailenable:mailenable_professional	mailenable mailenable professional	eq	1.0.005

Rows per page:

1-10 of 731

References

secunia.com/advisories/20790

securitytracker.com/id?1016376

www.divisionbyzero.be/?p=173

www.divisionbyzero.be/?p=174

www.mailenable.com/hotfix/mesmtpc.zip

www.osvdb.org/26791

www.securityfocus.com/archive/1/438374/100/0/threaded

www.securityfocus.com/bid/18630

www.vupen.com/english/advisories/2006/2520

exchange.xforce.ibmcloud.com/vulnerabilities/27387

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.114 Low

EPSS

Percentile

95.3%

JSON

Related for CVE-2006-3277

openvas1 nessus1 cvelist1 nvd1