Ability Mail Server < 2.70 IMAP4 FETCH DoS

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.

Synopsis :

The remote mail server is affected by a denial of service

Description :

The remote host appears to be running Ability Mail Server.

According to its banner, the IMAP service component of the installed
version of Ability Mail Server fails to correctly parse FETCH
commands. By sending a specially crafted FETCH command, an attacker
may be able to exploit this vulnerability to crash the IMAP server.

See also :


Solution :

Upgrade to Ability Mail Server version 2.70 or later.

Risk factor :

Medium / CVSS Base Score : 4.0
CVSS Temporal Score : 3.5
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 41644 (ams_270.nasl)

Bugtraq ID: 36519

CVE ID: CVE-2009-3445

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now