Denial of service vulnerability in MailEnable Professional and Enterprise
CVE-2005-3813

Currently unrated

Key Information:

Vendor

Mailenable

Status
Mailenable Enterprise
Mailenable Professional
Vendor
CVE Published:
26 November 2005

What is CVE-2005-3813?

The IMAP service of MailEnable Professional 1.7 and Enterprise 1.1 is susceptible to a denial of service attack. Remote authenticated users can cause the application to crash by executing the RENAME command with a non-existent mailbox. This flaw exploits the IMAP protocol handling, allowing attackers to disrupt service without unauthorized access, leading to potential downtime for legitimate users.

References

http://securityreason.com/securityalert/205
third-party-advisoryx_refsource_SREASON
http://marc.info/?l=full-disclosure&m=113285451031500&w=2
mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/417589/30/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.