Lucene search
SAINT CorporationSAINT:A19B4FF9AC205F34D14BAB53A7F3A5C0HistoryDec 03, 2005 - 12:00 a.m.
MailEnable IMAP W3C Logging Buffer Overflow
2005-12-0300:00:00
SAINT Corporation
download.saintcorporation.com
15
0.779 High
EPSS
Percentile
98.3%
Added: 12/03/2005
CVE: CVE-2005-3155
BID: 15006
OSVDB: 19842
Background
MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail.
Problem
MailEnable’s IMAP service is affected by a buffer overflow condition in the handling of W3C logging. This could allow authenticated users to execute arbitrary commands.
Resolution
Upgrade to MailEnable Professional 1.7 or MailEnable Enterprise 1.1 with all needed hotfixes.
References
<http://secunia.com/advisories/17010>
Limitations
Exploit works on MailEnable Professional 1.6. A valid IMAP user name and password are required.
Platforms
Windows 2000 / Windows XP
Windows Server 2003
Related
saint
saint
MailEnable IMAP W3C Logging Buffer Overflow
2005-12-03 00:00:00
MailEnable IMAP W3C Logging Buffer Overflow
2005-12-03 00:00:00
MailEnable IMAP W3C Logging Buffer Overflow
2005-12-03 00:00:00
packetstorm
packetstorm
MailEnable IMAPD W3C Logging Buffer Overflow
2009-11-26 00:00:00
nessus
nessus
MailEnable IMAP Server W3C Logging Overflow
2005-10-04 00:00:00
cvelist
cvelist
CVE-2005-3155
2005-10-05 04:00:00
cve
cve
CVE-2005-3155
2005-10-05 23:02:00
nvd
nvd
CVE-2005-3155
2005-10-05 23:02:00
checkpoint_advisories
checkpoint_advisories