VULHUB ™

MailEnable is reported prone to a remote denial of service vulnerability. This vulnerability is reported to exist in the MailEnable HTTP header parsing code. When reading a large content-length header field from an HTTP request, the operation overflows a fixed size memory buffer and the HTTP service will reportedly crash. The vulnerability can be exploited to crash the affected HTTP service, denying service to legitimate users. The possibility to execute arbitrary code may also be present.

MailEnable is reported prone to a remote denial of service vulnerability. This vulnerability is reported to exist in the MailEnable HTTP header parsing code. When reading a large content-length header field from an HTTP request, the operation overflows a fixed size memory buffer and the HTTP service will reportedly crash. The vulnerability can be exploited to crash the affected HTTP service, denying service to legitimate users. The possibility to execute arbitrary code may also be present.