COMMAND

    MDaemon

SYSTEMS AFFECTED

    Alt-N Technologies MDaemon 3.5.6

PROBLEM

    'nitr0s' found the following. Some of the commands of the IMAP
    server do not have proper bounds checking, enabling a user to
    shut down the service remotely. It should be noted that a user
    account is required. The commands affected are SELECT and
    EXAMINE. The SELECT command selects a mailbox so that messages
    in it can be accessed. EXAMINE works in the same way as SELECT,
    however the mailbox is marked as read-only and cannot be
    modified.

    Connect to the service, which runs on port 143 by default, and
    log in with the username and password.

        * OK company.mail IMAP4rev1 MDaemon 3.5.6 ready

        1 LOGIN JOE PASSWORD
        * OK LOGIN completed
        1 SELECT AAAAAAA....

    Here the run of A characters is more than 250 characters long.
    Once this is sent, MDaemon will send back the following error
    before closing the connection and terminating:

        1 NO Mailbox does not exist

    A restart of the application is needed to resume the service. No
    other applications are affected and the operating system performs
    as usual.
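
    One way to spot the condition described above is to scan the
    client-to-server IMAP lines for SELECT or EXAMINE arguments over
    250 characters. This is an added example, not part of the original
    advisory or of MDaemon; the function names and sample lines are
    constructed, and counting a literal's declared size as the
    argument length is an assumption.

```python
import re

# Threshold from the advisory: mailbox arguments of more than 250
# characters terminate MDaemon 3.5.6.
MAX_MAILBOX_LEN = 250

# tag SP command SP rest-of-line (IMAP command names are case-insensitive).
_CMD = re.compile(rb"^(\S+) (SELECT|EXAMINE) (.*)$", re.IGNORECASE)
# Literal form: {n} or {n+} announces n bytes of argument on the next line.
_LITERAL = re.compile(rb"^\{(\d+)\+?\}$")


def mailbox_arg_length(line: bytes):
    """Return the mailbox argument length for SELECT/EXAMINE, else None."""
    m = _CMD.match(line.rstrip(b"\r\n"))
    if not m:
        return None
    arg = m.group(3)
    lit = _LITERAL.match(arg)
    if lit:
        return int(lit.group(1))      # assumption: trust the declared size
    if len(arg) >= 2 and arg.startswith(b'"') and arg.endswith(b'"'):
        return len(arg) - 2           # quoted string, quotes excluded
    return len(arg)                   # atom


def flag_oversized(lines):
    """Return (line_number, command, length) for each oversized argument."""
    hits = []
    for n, line in enumerate(lines, 1):
        length = mailbox_arg_length(line)
        if length is not None and length > MAX_MAILBOX_LEN:
            cmd = line.split(b" ", 2)[1].upper().decode("ascii")
            hits.append((n, cmd, length))
    return hits


# Constructed client-side lines (not taken from a real capture).
SAMPLE = [
    b"1 LOGIN JOE PASSWORD\r\n",
    b"2 SELECT INBOX\r\n",
    b'3 examine "Sent Items"\r\n',
    b"4 SELECT " + b"A" * 251 + b"\r\n",
    b"5 EXAMINE {300}\r\n",
    b"6 SELECT " + b"B" * 250 + b"\r\n",
]

if __name__ == "__main__":
    for hit in flag_oversized(SAMPLE):
        print("oversized mailbox argument: line %d, %s, %d bytes" % hit)
```

    The same length check can be placed in a filtering proxy in front
    of the IMAP port so that oversized arguments never reach the server.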

SOLUTION

    Nothing yet.