|
Family: Denial of Service --> Category: denial
MailEnable IMAP Service Search DoS Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for Search DoS Vulnerability in MailEnable's IMAP Service
Detailed Explanation for this Vulnerability Test
The target is running at least one instance of MailEnable's IMAP
service. A flaw exists in MailEnable Professional Edition versions
1.5a-d that results in this service crashing if it receives a SEARCH
command. An authenticated user could send this command either on
purpose as a denial of service attack or unwittingly since some IMAP
clients, such as IMP and Vmail, use it as part of the normal login
process.
Solution : Upgrade to MailEnable Professional 1.5e or later.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|