Hitachi Groupmax Mail Client Attachment Filename Handling DoS

2006-04-26T04:02:39
ID OSVDB:24969
Type osvdb
Reporter OSVDB
Modified 2006-04-26T04:02:39

Description

Vulnerability Description

Groupmax contains a flaw that may allow a remote denial of service. The issue is triggered when opening an SMTP message with an attachment with a filename which is an MS-DOS device name, and will result in loss of availability for the service.

Solution Description

Upgrade to the version specified as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Groupmax contains a flaw that may allow a remote denial of service. The issue is triggered when opening an SMTP message with an attachment with a filename which is an MS-DOS device name, and will result in loss of availability for the service.

References:

Vendor Specific Advisory URL Secunia Advisory ID:19840 Other Advisory URL: http://jvn.jp/jp/JVN%2389344424/index.html Keyword: HS06-006-01 FrSIRT Advisory: ADV-2006-1539 CVE-2006-2087