PSCS VPOP3 2.0 - Email Server Remote Denial of Service

EDB-ID:

24305

CVE:

N/A


Author:

dr_insane

Type:

dos


Platform:

Multiple

Date:

2004-07-22


source: https://www.securityfocus.com/bid/10782/info

It is reported that VPOP3 is reported prone to a remote denial of service vulnerability. This issue presents itself when an attacker issues a URI request containing a large value for the 'msglistlen' parameter to the web mail interface.

VPOP3 2.0.0k is reported prone to this issue, however, it is likely that other versions are affected as well.

http://www.example.com:5108/messagelist.html?auth=MDA4MDA2MTQ6MTI3LjAuMC4xOmRpbWl0cmlz&msgliststart=0&msglistlen=10&sortfield=date&sortorder=A