Signature Detail
Short Name |
SMTP:COMMAND:AV-INETSERV-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SMTP |
Keywords |
A-V Tronics InetServ SMTP DOS |
Release Date |
2011/03/29 |
Update Number |
1890 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: A-V Tronics InetServ SMTP DOS
This signature detects attempts to exploit a known vulnerability against the EXPN command in InetServ server. An attacker can exploit this issue by supplying a large number of format string characters in EXPN SMTP command. A successful attack can result in a denial-of-service condition.
Extended Description
InetServ is prone to a denial-of-service vulnerability. Exploiting this issue may allow attackers to cause the application to crash, resulting in denial-of-service conditions. Inetserv 3.23 is vulnerable; other versions may also be affected.
Affected Products
- A-V Tronics InetServ 3.23
References
- BugTraq: 45960
- URL: http://www.avtronics.net/inetserv.php