Vulnerabilities > CVE-2017-15223 - Infinite Loop vulnerability in Argosoft Mini Mail Server

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

argosoft

CWE-835

exploit available

NVD

Published: 2017-10-24

Updated: 2019-10-03

Summary

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop.

Vulnerable Configurations

Part	Description	Count
Application	Argosoft Argosoft Mini Mail Server *	1

Common Weakness Enumeration (CWE)

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit-Db

description	ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service. CVE-2017-15223. Dos exploit for Windows platform
file	exploits/windows/dos/43026.py
id	EDB-ID:43026
last seen	2017-10-23
modified	2017-10-21
platform	windows
port
published	2017-10-21
reporter	Exploit-DB
source	https://www.exploit-db.com/download/43026/
title	ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service
type	dos

Packetstorm

data source	https://packetstormsecurity.com/files/download/144743/argosoftmms1002-dos.txt
id	PACKETSTORM:144743
last seen	2017-10-27
published	2017-10-25
reporter	Berk Cem Goksel
source	https://packetstormsecurity.com/files/144743/ArGoSoft-Mini-Mail-Server-1.0.0.2-Denial-Of-Service.html
title	ArGoSoft Mini Mail Server 1.0.0.2 Denial Of Service

References

https://www.exploit-db.com/exploits/43026/