5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
72.0%
Added: 06/30/2006
CVE: CVE-2005-1781
BID: 13772
OSVDB: 16851
MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services.
The SMTP service in MailEnable is affected by a buffer overflow vulnerability which could allow a remote unauthenticated attacker to execute arbitrary commands by sending a specially crafted AUTH LOGIN command.
Apply the hotfix.
<http://secunia.com/advisories/15487>
Exploit works on MailEnable Enterprise Edition 1.04 on Windows 2000 SP4, Windows XP SP2, and Windows Server 2003 SP0.
Windows 2000
Windows XP
Windows Server 2003