PT-2004-3474 · Smartertools · Smartermail

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2583

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions SmarterMail versions 1.6.1511 through 1.6.1529

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by establishing a large number of simultaneous open connections to the SMTP service on TCP port 25.

Recommendations For versions 1.6.1511 through 1.6.1529, consider restricting access to the SMTP service on TCP port 25 to minimize the risk of exploitation. As a temporary workaround, limit the number of simultaneous connections to the SMTP service until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2583

Affected Products

Smartermail

PT-2004-3474 · Smartertools · Smartermail

CVE-2004-2583

Related Identifiers

Affected Products

References · 6