SurfControl SuperScout Email Filter Missing Content-Length HTTP Header Field DoS Vulnerability

SurfControl SuperScout Email Filter Missing Content-Length HTTP Header Field DoS Vulnerability

SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities.

The administrative web interface is prone to a denial of service when handling a malformed HTTP request. Upon receipt of a request that does not contain a Content-Length HTTP Header field, the administrative interface will crash.

It may be possible for attackers to exploit this condition to execute arbitrary code. This is not confirmed.