SurgeMail Malformed Host Header Denial of Service Vulnerability

info
discussion
exploit
solution
references

SurgeMail Malformed Host Header Denial of Service Vulnerability

SurgeMail is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted HTTP POST requests

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

SurgeMail 38k4 for Microsoft Windows is vulnerable; other versions running on different platforms may also be affected.