[原文]HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348.
MailEnable Professional HTTPMail Service Authorization Header Handling Remote DoS
Remote / Network Access
Denial of Service,
Loss of Integrity,
Loss of Availability
MailEnble contains an flaw that may allow a remote denial of service. The issue is triggered when a malformed Authorization HTTP header is received via TCP port 8080, and will result in loss of availability for the service.
Currently, there are no known workarounds or upgrades to correct this issue. However, MailEnable has released a patch to address this vulnerability.