MailEnable IMAP Service Search DoS Vulnerability Network Vulnerability

Summary

The target is running at least one instance of MailEnable's IMAP service. A flaw exists in MailEnable Professional Edition versions 1.5a-d that results in this service crashing if it receives a SEARCH command. An authenticated user could send this command either on purpose as a denial of service attack or unwittingly since some IMAP clients, such as IMP and Vmail, use it as part of the normal login process.

Solution

Upgrade to MailEnable Professional 1.5e or later.

Severity

Classification

CVE CVE-2004-2194
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Denial of Service (DoS) in Microsoft SMS Client
freeSSHd Pre-Authentication Error Remote DoS Vulnerability
Firefox XUL Parsing Denial of Service Vulnerability (Linux)
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
Asterisk RTP Text Frames Denial Of Service Vulnerability

Take action and discover your vulnerabilities