MailEnable IMAP Server Multiple Remote Buffer Overflows

This script is Copyright (C) 2004-2011 George A. Theall


Synopsis :

The remote mail server is affected by several buffer overflow issues.

Description :

The target is running at least one instance of MailEnable's IMAP
service. Two flaws exist in MailEnable Professional Edition 1.52 and
earlier as well as MailEnable Enterprise Edition 1.01 and earlier - a
stack-based buffer overflow and an object pointer overwrite. A remote
attacker can use either vulnerability to execute arbitrary code on the
target.

See also :

http://www.hat-squad.com/en/000102.html
http://www.mailenable.com/hotfix/default.asp

Solution :

Apply the IMAP hotfix dated 25 November 2004.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 15852 (mailenable_imap_overflows.nasl)

Bugtraq ID: 11755

CVE ID: CVE-2004-2501

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now