Denial of Service in MailEnable SMTP Service Impacting Various Versions
CVE-2006-4616

Currently unrated

Key Information:

Vendor: Mailenable
Status: Mailenable Standard; Mailenable Professional; Mailenable Enterprise
Vendor: CVE Published:; 7 September 2006

What is CVE-2006-4616?

The MailEnable SMTP service is vulnerable to a denial of service attack that can be triggered by a specially crafted SPF record. When the service attempts to perform lookups for a domain with numerous SPF records, it may result in a null pointer exception. This can lead to the service becoming unresponsive, effectively disrupting mail operations. This vulnerability affects several versions of MailEnable before the ME-10014 (20060904) patch, and users are advised to update their installations promptly to mitigate potential risks.

References

http://www.vupen.com/english/advisories/2006/3669

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1016792

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/28910

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 7, 2006
Vulnerability Reserved
Sep 6, 2006

CVE-2006-4616 Data

JSON

Mailenable

What is CVE-2006-4616?

References

Timeline