Intrusion Prevention



This indicates an attempt to exploit a Null pointer vulnerability in the IMAP service in MAilEnable.
The vulnerability can be exploited by omission of the required arguments to IMAP commands like SEARCH and APPEND, causing an application crash. As a result an attacker can cause a denial of service, preventing the IMAP server from responding to legitimate users. This can be done by sending a malicious IMAP command string. Note that in some cases this does not require valid credentials.

Affected Products

MailEnable 3.13 and earlier.


Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade your IMAP service software to the latest version.

CVE References

CVE-2008-1277 CVE-2008-1276