PROTOCOL-IMAP -- Snort alerted on Internet Message Access Protocol (IMAP) traffic, an email retrieval system for clients over TCP/IP connection. This protocol handles emails on a remote server, so all actions are processed on that server rather than the user client. This protocol is vulnerable to injection, restriction and process evasions, leaks, relay abuse, and other attacks.
PROTOCOL-IMAP CRAM-MD5 authentication request detected
This event is generated when an attempt is made to exploit a known vulnerability in Lotus Domino. Impact: High Details: Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology. For more information see http://nvd.nist.gov/
No rule groups
None
No information provided
None