MailEnable HTTPMail Service Authorization Header Remote Overflow

Critical Nessus Plugin ID 18123


A web application on the remote host has a buffer overflow vulnerability.


The version of MailEnable running on the remote host has a buffer overflow vulnerability when processing the Authorization field in the HTTP header. A remote attacker could exploit this to execute arbitrary code.


Upgrade to the latest version of this software.

Plugin Details

Severity: Critical

ID: 18123

File Name: mailenable_httpmail_authorization_overflow.nasl

Version: $Revision: 1.13 $

Type: remote

Family: CGI abuses

Published: 2005/04/25

Modified: 2016/11/19

Dependencies: 10107

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2005/04/22

Exploitable With

Metasploit (MailEnable Authorization Header Buffer Overflow)

Reference Information

BID: 13350

OSVDB: 15737