MDaemon IMAP Server CREATE Command Mailbox Name Handling Overflow
High Nessus Plugin ID 11577
SynopsisThe remote IMAP server has a buffer overflow vulnerability.
DescriptionAccording to its banner, the version of MDaemon running on the remote host has a buffer overflow vulnerability in the CREATE command. A remote attacker could exploit this to execute arbitrary code, or cause a denial of service. A crash would prevent other MDaemon services (SMTP, POP) from running as well.
SolutionUpgrade to MDaemon 6.7.10 or later.