Detections
Analytics

MailEnable IMAP EXAMINE Command Remote Overflow

high Nessus Plugin ID 20322

Language:

Synopsis

It is possible to execute code on the remote IMAP server.

Description

The remote host is running a version of MailEnable's IMAP service that is prone to a buffer overflow attack when processing a EXAMINE command with a long mailbox name. Once authenticated, an attacker can exploit this flaw to execute arbitrary code subject to the privileges of the affected application. There are also reportedly similar issues with other IMAP commands.

Solution

Install Hotfix ME-10010 for MailEnable Professional 1.71 and earlier or MailEnable Enterprise Edition 1.1 and earlier.

See Also

http://www.nessus.org/u?4fd7ed9c

Plugin Details

Severity: High

ID: 20322

File Name: mailenable_imap_examine_overflow.nasl

Version: 1.20

Type: remote

Agent: windows

Family: Windows

Published: 12/20/2005

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Excluded KB Items: imap/false_imap

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/20/2005

Reference Information

CVE: CVE-2005-4456

BID: 15985