Short Name |
IMAP:OVERFLOW:LIT_LENGTH_OFLOW |
---|---|
Severity |
Critical |
Recommended |
Yes |
Category |
IMAP |
Release Date |
2004/01/29 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This protocol anomaly detects an IMAP literal that specifies more octets than the user-defined maximum. A literal is a sequence of zero or more octets. The default maximum number of octets can changed in the Sensor Settings Rulebase>Protocol Thresholds and Configuration>IMAP>Maximum Literal Length.
Microsoft Exchange is prone to a remote denial-of-service vulnerability because it fails to properly handle specially crafted IMAP commands. Successfully exploiting this issue allows remote attackers to cause targeted Exchange servers' mail service to stop responding, thus denying further email service for legitimate users. To recover from the denial-of-service condition, administrators must restart the IIS Admin Service service.