MailEnable HTTPMail Service Authorization Header Remote Overflow

Severity: Critical; Nessus Plugin ID: 18123

Synopsis

A web application on the remote host has a buffer overflow vulnerability.

Description

The version of MailEnable running on the remote host has a buffer overflow vulnerability when processing the Authorization field in the HTTP header. A remote attacker could exploit this to execute arbitrary code.

Solution

Upgrade to the latest version of this software.

See Also

http://seclists.org/bugtraq/2005/Apr/408

Plugin Details

Severity: Critical

ID: 18123

File Name: mailenable_httpmail_authorization_overflow.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 2005/04/25

Modified: 2018/06/13

Dependencies: 10107

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2005/04/22

Exploitable With

Metasploit (MailEnable Authorization Header Buffer Overflow)

Reference Information

BID: 13350