Gordano NTMail Web Configuration DoS Vulnerability

The web configuration service (which runs on port 8000 by default) in Gordano NTMail does not flush incomplete HTTP requests. Therefore, NTMail is susceptible to a denial of service attack if multiple incomplete HTTP requests are received. CPU utilization will eventually reach 100% causing the application to crash. Restarting the service is required in order to regain normal functionality.


 

Privacy Statement
Copyright 2010, SecurityFocus