Mac Mail, GMail and vulnerability CVE-2004-2501

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Mac Mail, GMail and vulnerability CVE-2004-2501

L0 Member

On a PA 2020 running 4.03, the threat log is filled with clients triggering alerts for MailEnable IMAP Server Long Tag anomaly (CVE-2004-2501), rated "high".They are all in fact Mac Mail clients trying to talk IMAP to GMail servers on port 993. On the face of it they must all be false positives. SSL decryption is being used. Could anyone give any idea why Long Tag anomalies are being detected?

Neil Flanagan


L4 Transporter

Hello Neil,

if you can get a packet capture of this traffic, then you can open a case with support and they can refer this to the content team to verify if this is indeed a false positive.



  • 1 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!