MailEnable IMAP Service Remote Buffer Overflows Network Vulnerability

Summary

The target is running at least one instance of MailEnable's IMAP service. Two flaws exist in MailEnable Professional Edition 1.52 and earlier as well as MailEnable Enterprise Edition 1.01 and earlier - a stack-based buffer overflow and an object pointer overwrite. A remote attacker can use either vulnerability to execute arbitrary code on the target. More information is available at : http://www.hat-squad.com/en/000102.html

Solution

Apply the IMAP hotfix dated 25 November 2004 and found at : http://www.mailenable.com/hotfix/default.asp

Severity

Classification

CVE CVE-2004-2501
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

GoodTech SSH Server SFTP Multiple BOF Vulnerabilities
Apache 'mod_deflate' Denial Of Service Vulnerability - July09
Active Perl Modules Multiple Vulnerabilities (Windows)
Apache httpd Web Server Range Header Denial of Service Vulnerability
Check for RealServer DoS

Take action and discover your vulnerabilities