OSVDB ID: 17844

Title: MailEnable IMAP STATUS Command Remote Overflow

Dates

Disclosure: Jul 12, 2005
Discovery: Unknown
Exploit: Jul 12, 2005
Solution: Unknown

Description

A remote overflow exists in MailEnable Professional and Enterprise. The product fails to validate input to the IMAP STATUS command, resulting in a stack-based buffer overflow. With a specially crafted request, an authenticated attacker can cause the service to fail and may be able to execute arbitrary code with System privileges, resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to MailEnable Professional version 1.6 or MailEnable Enterprise version 1.1, or higher, as these have been reported to fix this vulnerability. In addition, MailEnable has released a patch for some older versions.

Products

MailEnable Pty. Ltd.

MailEnable Professional

1.5
1.51
1.52
1.53
1.54

MailEnable Enterprise

1.0
1.01
1.02
1.03
1.04

References

Credit

  • Ariel Sanchez - advisories@coresecurity.com - Core Security Technologies


Direct URL: http://osvdb.org/36218