MailEnable IMAP Server EXAMINE Command Remote DoS

Medium Nessus Plugin ID 20837


The remote IMAP server is susceptible to denial of service attacks.


The remote host is running MailEnable, a commercial mail server for Windows.

According to the version number in its banner, the IMAP server bundled with the installation of MailEnable Professional on the remote host may crash when handling certain EXAMINE commands. An authenticated attacker may be able to leverage this issue to deny service to users with a specially crafted EXAMINE command.


Upgrade to MailEnable Professional 1.72 or later.

See Also

Plugin Details

Severity: Medium

ID: 20837

File Name: mailenable_imap_172.nasl

Version: $Revision: 1.17 $

Type: remote

Agent: windows

Family: Windows

Published: 2006/02/02

Modified: 2011/10/06

Dependencies: 11414, 10263

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Excluded KB Items: imap/false_imap

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2006/02/01

Reference Information

CVE: CVE-2006-0503

BID: 16457

OSVDB: 22852