Vulnerability CVE-2006-6423


Published: 2006-12-11   Modified: 2012-02-12

Description:
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

See advisories in our WLB2 database:
Topic
Author
Date
High
MailEnable IMAP Service Buffer OverflowVulnerability
Secunia Research
14.12.2006

Type:

CWE-Other

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Mailenable -> Mailenable enterprise 
Mailenable -> Mailenable professional 

 References:
http://securityreason.com/securityalert/2022
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/archive/1/454075/100/0/threaded
http://www.securityfocus.com/bid/21492
https://exchange.xforce.ibmcloud.com/vulnerabilities/30796

Copyright 2022, cxsecurity.com

 

Back to Top