CVE-2007-6101
Ability Mail Server < 2.61 - Authenticated Denial of Service via Malformed IMAP Command
Title source: llmDescription
Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/42400
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26514
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27736
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/42399
Patch x_refsource_confirm
http://www.code-crafters.com/abilitymailserver/updatelog.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38586
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38587
Scores
EPSS
0.0135
EPSS Percentile
68.3%
Details
CWE
CWE-20
Status
published
Products (30)
code-crafters/ability_mail_server
1.18
code-crafters/ability_mail_server
2.01b
code-crafters/ability_mail_server
2.02b
code-crafters/ability_mail_server
2.03b
code-crafters/ability_mail_server
2.04b
code-crafters/ability_mail_server
2.05b
code-crafters/ability_mail_server
2.10
code-crafters/ability_mail_server
2.11
code-crafters/ability_mail_server
2.12
code-crafters/ability_mail_server
2.13
... and 20 more
Published
Nov 23, 2007
Tracked Since
Feb 18, 2026