MailEnable HTTPMail Service Authorization Header Remote Overflow

Critical Nessus Plugin ID 18123


A web application on the remote host has a buffer overflow vulnerability.


The version of MailEnable running on the remote host has a buffer overflow vulnerability when processing the Authorization field in the HTTP header. A remote attacker could exploit this to execute arbitrary code.


Upgrade to the latest version of this software.

See Also

Plugin Details

Severity: Critical

ID: 18123

File Name: mailenable_httpmail_authorization_overflow.nasl

Version: 1.15

Type: remote

Family: CGI abuses

Published: 2005/04/25

Modified: 2018/11/15

Dependencies: 10107

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2005/04/22

Exploitable With

Metasploit (MailEnable Authorization Header Buffer Overflow)

Reference Information

BID: 13350