Lucene search
SAINT CorporationSAINT:728E65AF8E4756349E76C40CA338CE47HistoryDec 28, 2006 - 12:00 a.m.
MailEnable POP PASS command buffer overflow
2006-12-2800:00:00
SAINT Corporation
download.saintcorporation.com
12
0.508 Medium
EPSS
Percentile
97.5%
Added: 12/28/2006
CVE: CVE-2006-6605
BID: 21645
OSVDB: 32341
Background
MailEnable is a mail server supporting SMTP and POP3 for Windows platforms.
Problem
A buffer overflow vulnerability in MailEnable allows remote, unauthenticated attackers to execute arbitrary commands by sending a long, specially crafted PASS command to the POP service.
Resolution
Apply hotfix ME-10026.
References
<http://secunia.com/secunia_research/2006-75/advisory/>
Limitations
Exploit works on MailEnable Enterprise 2.34.
Platforms
Windows 2000
Windows Server 2003 SP0
Windows Server 2003 / Windows Server 2003 SP1
Related
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against MailEnable POP3 Remote Code Execution Vulnerability
2006-12-31 00:00:00
MailEnable POP3 Service PASS Command Buffer Overflow (CVE-2006-6605)
2009-11-10 00:00:00
saint
saint
MailEnable POP PASS command buffer overflow
2006-12-28 00:00:00
MailEnable POP PASS command buffer overflow
2006-12-28 00:00:00
MailEnable POP PASS command buffer overflow
2006-12-28 00:00:00
securityvulns
securityvulns
MailEnable POP3 server buffer overflow
2006-12-18 00:00:00
nessus
nessus
MailEnable POP Server PASS Command Remote Overflow (ME-10026)
2006-12-19 00:00:00
cve
cve
CVE-2006-6605
2006-12-19 19:28:00
cvelist
cvelist
CVE-2006-6605
2006-12-19 19:00:00