MailEnable IMAP Server EXAMINE Command Remote DoS
Medium Nessus Plugin ID 20837
SynopsisThe remote IMAP server is susceptible to denial of service attacks.
DescriptionThe remote host is running MailEnable, a commercial mail server for Windows.
According to the version number in its banner, the IMAP server bundled with the installation of MailEnable Professional on the remote host may crash when handling certain EXAMINE commands. An authenticated attacker may be able to leverage this issue to deny service to users with a specially crafted EXAMINE command.
SolutionUpgrade to MailEnable Professional 1.72 or later.