2.1.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

extremail

NVD

Published: 2007-04-24

Updated: 2024-11-21

Summary

eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, which makes it easier for remote attackers to conduct DNS spoofing.

Vulnerable Configurations

Part	Description	Count
Application	Extremail Extremail Extremail 2.1 Extremail Extremail 2.1.1	2

References

http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0569.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0569.html
http://osvdb.org/35584
http://osvdb.org/35584
http://www.securityfocus.com/bid/23577
http://www.securityfocus.com/bid/23577