Intrusion Prevention

IMAP.Service.Command.APPEND.Buffer.Overflow

Description

This indicates an attack attempt to exploit a buffer-overflow vulnerability in MailEnable IMAP service that may allow remote attackers to execute arbitrary code via an overly long APPEND command argument.

Affected Products

MailEnable Enterprise Edition version 2.37 and prior.
MailEnable Professional Edition version 2.37 and prior.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://www.mailenable.com/hotfix/ME-10029.EXE