Denial of Service Vulnerability in Avaya Modular Messaging Server
CVE-2005-4471

Currently unrated

Key Information:

Vendor: Avaya
Status: Modular Messaging Message Storage Server
Vendor: CVE Published:; 22 December 2005

Summary

The POP3 service in Avaya's Modular Messaging Message Storage Server (MSS) version 2.0 SP 4 and prior is susceptible to a denial of service attack. This vulnerability arises from the server's failure to properly handle specially crafted packets, resulting in an infinite loop that can disrupt service availability. Attackers can exploit this flaw remotely, making it critical for users to implement the necessary security measures and updates to safeguard their systems.

References

http://www.securityfocus.com/bid/16024

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2005/3026

vdb-entryx_refsource_VUPEN

http://support.avaya.com/elmodocs2/security/ASA-2005-235.pdf

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 22, 2005
Vulnerability Reserved
Dec 21, 2005