Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3216

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3216
Last Modified 07 Mar 2011 09:38:06
Published 23 Jun 2006 09:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3216

Summary

Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to cause a denial of service via (1) non-ASCII characters in a reverse DNS lookup result from a Received header, which leads to a Receiver service stop, and (2) unspecified vectors involving malformed messages, which causes "unpredictable behavior" that prevents the Security service from processing more messages.

Vulnerable Systems

Application

  • Clearswift Mailsweeper For Exchange 4.3.19

  • Clearswift Mailsweeper For Smtp 4.3.19


References

BID - 18584

SECUNIA - 20756

CONFIRM - http://download.mimesweeper.com/www/TechnicalDocumentation/ReadMe_MSW_4,3,20.htm

VUPEN - ADV-2006-2473

XF - mailsweeper-malformed-message-dos(27305)

XF - mailsweeper-reverse-dns-dos(27303)

OSVDB - 26739

OSVDB - 26738


Last Updated: 27 May 2016 10:42:56