Added: 12/28/2006
CVE: CVE-2006-6605
BID: 21645
OSVDB: 32341
MailEnable is a mail server supporting SMTP and POP3 for Windows platforms.
A buffer overflow vulnerability in MailEnable allows remote, unauthenticated attackers to execute arbitrary commands by sending a long, specially crafted PASS command to the POP service.
Apply hotfix ME-10026.
<http://secunia.com/secunia_research/2006-75/advisory/>
Exploit works on MailEnable Enterprise 2.34.
Windows 2000
Windows Server 2003 SP0
Windows Server 2003 / Windows Server 2003 SP1