MailEnable IMAP Service Search DoS Vulnerability

Summary
The target is running at least one instance of MailEnable's IMAP service. A flaw exists in MailEnable Professional Edition versions 1.5a-d that results in this service crashing if it receives a SEARCH command. An authenticated user could send this command either on purpose as a denial of service attack or unwittingly since some IMAP clients, such as IMP and Vmail, use it as part of the normal login process.
Solution
Upgrade to MailEnable Professional 1.5e or later.