AXIGEN Mail Server IMAP Server Multiple Authentication Methods DoS

High Nessus Network Monitor Plugin ID 3906


The remote IMAP server is prone to multiple vulnerabilities.


The remote host is running AXIGEN Mail Server, a messaging system for Linux and BSD. The IMAP server component of AXIGEN Mail Server is affected by two denial of service issues involving PLAIN and CRAM-MD5 authentication methods. An unauthenticated remote attacker can leverage these issues to crash the IMAP service and possibly even execute arbitrary code remotely.


Upgrade or patch according to vendor recommendations.

See Also

Plugin Details

Severity: High

ID: 3906

File Name: 3906.prm

Family: IMAP Servers

Published: 2007/02/09

Modified: 2016/02/05

Nessus ID: 24321

Risk Information

Risk Factor: High


Base Score: 8.3

Temporal Score: 7.9

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND


Base Score: 8.7

Temporal Score: 8.4


Temporal Vector: CVSS3#E:F/RL:U/RC:X

Reference Information

CVE: CVE-2007-0886, CVE-2007-0887

BID: 22473, 22603