MailEnable IMAP STATUS Command Remote Overflow
High Nessus Plugin ID 19193
SynopsisThe remote IMAP server is affected by a buffer overflow vulnerability.
DescriptionThe remote host is running a version of MailEnable's IMAP service that is prone to a buffer overflow attack when processing a STATUS command with a long mailbox name. Once authenticated, an attacker can exploit this flaw to execute arbitrary code subject to the privileges of the affected application.
SolutionUpgrade to MailEnable Professional 1.6 or later or to MailEnable Enterprise Edition 1.1 or later.