This script is Copyright (C) 2005-2012 Tenable Network Security, Inc.
It is possible to execute code on the remote IMAP server.
The remote host is running a version of MailEnable's IMAP service
that is prone to a buffer overflow attack when processing a EXAMINE
command with a long mailbox name. Once authenticated, an attacker can
exploit this flaw to execute arbitrary code subject to the privileges
of the affected application. There are also reportedly similar issues
with other IMAP commands.
See also :
Install Hotfix ME-10010 for MailEnable Professional 1.71 and earlier or
MailEnable Enterprise Edition 1.1 and earlier.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 5.8
Public Exploit Available : false