Detections
Analytics

MailEnable HTTPMail Service Authorization Header Remote Overflow

critical Nessus Plugin ID 18123

Language:

Synopsis

A web application on the remote host has a buffer overflow vulnerability.

Description

The version of MailEnable running on the remote host has a buffer overflow vulnerability when processing the Authorization field in the HTTP header. A remote attacker could exploit this to execute arbitrary code.

Solution

Upgrade to the latest version of this software.

See Also

https://seclists.org/bugtraq/2005/Apr/408

Plugin Details

Severity: Critical

ID: 18123

File Name: mailenable_httpmail_authorization_overflow.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 4/25/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/22/2005

Exploitable With

Metasploit (MailEnable Authorization Header Buffer Overflow)

Reference Information

BID: 13350