MailEnable IMAP Server W3C Logging Overflow

high Nessus Plugin ID 19783

Synopsis

The remote IMAP server is prone to a buffer overflow attack.

Description

The remote host is running a version of MailEnable's IMAP service that is prone to a buffer overflow attack involving its handling of W3C logging. An attacker may be able to exploit this to execute arbitrary code subject to the privileges of the affected application, typically Administrator.

Solution

Apply the 3 October 2005 IMAP Rollup Critical Update/Performance Improvement Hotfix referenced in the vendor advisory above.

See Also

https://www.mailenable.com/forum/viewtopic.php?t=8555

http://www.mailenable.com/hotfix/

Plugin Details

Severity: High

ID: 19783

File Name: mailenable_imap_logging_overflow.nasl

Version: 1.19

Type: remote

Agent: windows

Family: Windows

Published: 10/4/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Excluded KB Items: imap/false_imap

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 10/3/2005

Exploitable With

Metasploit (MailEnable IMAPD W3C Logging Buffer Overflow)

Reference Information

CVE: CVE-2005-3155

BID: 15006