MailEnable IMAP Server Multiple Remote Buffer Overflows

High Nessus Plugin ID 15852


The remote mail server is affected by several buffer overflow issues.


The target is running at least one instance of MailEnable's IMAP service. Two flaws exist in MailEnable Professional Edition 1.52 and earlier as well as MailEnable Enterprise Edition 1.01 and earlier - a stack-based buffer overflow and an object pointer overwrite. A remote attacker can use either vulnerability to execute arbitrary code on the target.


Apply the IMAP hotfix dated 25 November 2004.

See Also

Plugin Details

Severity: High

ID: 15852

File Name: mailenable_imap_overflows.nasl

Version: $Revision: 1.16 $

Type: remote

Agent: windows

Family: Windows

Published: 2004/11/30

Modified: 2011/04/20

Dependencies: 12288, 17975

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Excluded KB Items: imap/false_imap

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2004/11/25

Reference Information

CVE: CVE-2004-2501

BID: 11755

OSVDB: 12135, 12136