MDaemon < 8.15 IMAP Mail Folder Name Remote Overflow
Medium Nessus Network Monitor Plugin ID 3449
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is running Alt-N MDaemon, an SMTP/IMAP server for Windows. This version of MDaemon is vulnerable to a flaw in the way that it handles malformed IMAP commands. An attacker exploiting this flaw would need to be able to authenticate to the server and issue IMAP 'CREATE' and 'LIST' commands. Successful exploitation would result in the attacker executing arbitrary code or crashing the service.
SolutionUpgrade to version 8.15 or higher.