33 matches found
CVE-2005-1348
CVE-2005-1348 corresponds to a buffer overflow in MailEnable’s HTTPMail service. Concrete details: affected products are MailEnable Enterprise (versions 1.04 and earlier) and MailEnable Professional (versions 1.54 and earlier). The overflow occurs via a long HTTP Authorization header, allowing a ...
CVE-2005-3690
Affected software: MailEnable Professional 1.6 and earlier; MailEnable Enterprise 1.1 and earlier (IMAP server meimaps.exe). Issue: Stack-based buffer overflow when processing overly long mailbox names in IMAP commands (SELECT, CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE), allowing remote atta...
CVE-2008-1275
Technical details (affected products, exact vulnerability mechanisms, and remediation) are not publicly provided in the supplied documents. Monitor for updates as new information may be released.
CVE-2004-2501
CVE-2004-2501 describes a stack-based buffer overflow in MailEnable’s IMAP service (Professional 1.52 and Enterprise 1.01 and earlier). The vulnerability arises from improper boundary/IMAP data handling, allowing an unauthenticated remote attacker to cause a crash or execute arbitrary code by sen...
CVE-2005-2223
CVE-2005-2223 affects the MailEnable SMTP service. Public docs indicate an unknown vulnerability in MailEnable Standard before 1.9 and Professional before 1.6 that allows remote attackers to cause a denial of service (crash) during authentication. Red Hat records echo the unknown vulnerability, a...
CVE-2006-1792
CVE-2006-1792 pertains to MailEnable’s POP service with affected versions: Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22. The vulnerability is described as unspecified with unknown attack vectors and impact related to “authentication exploits.”...
CVE-2005-1781
CVE-2005-1781 affects MailEnable SMTP authentication. The vulnerability is a buffer overflow in handling the AUTH LOGIN command, allowing a remote unauthenticated attacker to terminate the service or potentially execute arbitrary code with SYSTEM privileges. Impact includes denial of service and ...
CVE-2005-3155
CVE-2005-3155 concerns a buffer overflow in the W3C logging functionality of MailEnable IMAPD. Publicly documented impact indicates remote code execution against MailEnable Professional 1.6 and earlier and MailEnable Enterprise 1.1 and earlier. Exploit references (Metasploit module and SAINT/pack...
CVE-2004-2194
CVE-2004-2194 – MailEnable DoS . Affected: MailEnable Professional Edition < 1.53 and Enterprise Edition
CVE-2005-1014
MailEnable’s IMAP service is affected on Enterprise 1.04 and earlier and Professional 1.54 by a buffer overflow triggered by a long AUTHENTICATE command. This allows remote arbitrary code execution (no authentication required per CVSS vector). Impact is described as partial confidentiality, integ...
CVE-2006-6423
MailEnable IMAPD vulnerable in Enterprise/Professional editions (2.0–2.35 for Pro; 1.1–1.41/1.84 for various branches; 2.0–2.35), with a stack-based buffer overflow in the IMAP Login command that allows remote code execution via a crafted parameter and a long string in a pre-authenticated request...
CVE-2005-1013
CVE-2005-1013 affects MailEnable Enterprise 1.04 and earlier and MailEnable Professional 1.54 and earlier. The issue is a denial-of-service via an EHLO command containing a Unicode string, which can crash the SMTP service. Connected documents corroborate a MailEnable SMTP DoS vector related to ma...
CVE-2005-2278
The CVE-2005-2278 issue affects MailEnable Professional IMAPD 1.54. A stack-based buffer overflow occurs in the IMAP STATUS command when handling long mailbox names, exploitable by an authenticated remote user to execute arbitrary code. Valid exploits are evidenced by multiple sources (Metasploit...
CVE-2006-0503
Summary of CVE-2006-0503 : The IMAP server in MailEnable Professional Edition prior to 1.72 is vulnerable to a remote denial of service via certain EXAMINE commands. Exploitation results in a service crash, affecting the MailEnable IMAP service. Remediation: upgrade to MailEnable Professional Edi...
CVE-2007-0652
CVE-2007-0652 describes a CSRF vulnerability in MailEnable Professional prior to version 2.37 . An attacker can leverage a crafted link or IMG tag to cause an authenticated user to perform unauthorized actions, effectively allowing the attacker to modify arbitrary configurations and act as arbitr...
CVE-2005-3813
The CVE-2005-3813 entry concerns MailEnable’s IMAP service (meimaps.exe) in MailEnable Professional 1.7 and Enterprise 1.1. The vulnerability arises from incorrect handling of mailbox names during the RENAME command, allowing an authenticated remote attacker to trigger a denial of service (IMAP s...
CVE-2006-1338
CVE-2006-1338 affects MailEnable Webmail in Professional Edition before 1.73 and Enterprise Edition before 1.21. The vulnerability allows remote attackers to cause a denial of service through CPU consumption by handling specially crafted quoted-printable emails in the webmail interface (vectors a...
CVE-2006-3277
Summary: CVE-2006-3277 affects MailEnable's SMTP service (Standard 1.92 and earlier; Professional 2.0 and earlier; Enterprise 2.0 and earlier) prior to the MESMTPC hotfix. A remote attacker can trigger a denial-of-service (application crash) by sending a HELO command containing a null byte, poten...
CVE-2006-5177
MailEnable Professional 2.0 and Enterprise 2.0 NTLM authentication is vulnerable. Remote attackers can craft base64 NTLM messages to trigger a buffer over-read, enabling arbitrary code execution or a denial of service via NTLM Type 1/Type 3 messages. The vulnerability affects the SMTP/NTLM handli...
CVE-2006-6484
CVE-2006-6484 affects MailEnable’s IMAP service in Professional/Enterprise Editions (versions 2.0–2.34; 1.1–1.40 ranges as listed) and causes a crash (DoS) via vectors that trigger a null pointer dereference. A hotfix ME-10023 addresses this issue; it is noted to be a separate issue from CVE-2006...
CVE-2007-1301
CVE-2007-1301 describes a stack-based buffer overflow in the IMAP service of MailEnable Enterprise and Professional Editions
CVE-2006-6605
This CVE (CVE-2006-6605) affects MailEnable POP3 service: a stack-based buffer overflow in handling the PASS command allows remote, unauthenticated attackers to execute arbitrary code. A boundary/overflow occurs when processing an overly long PASS argument, potentially enabling code execution wit...
CVE-2006-6290
CVE-2006-6290 affects MailEnable IMAP server (MEIMAPS.EXE) in MailEnable Professional (versions 1.6–1.82 and 2.0–2.33) and MailEnable Enterprise (1.1–1.30 and 2.0–2.33). The issue is multiple stack-based overflow vulnerabilities in the IMAP service caused by insufficient input handling for mailbo...
CVE-2006-6964
MailEnable Professional prior to v1.78 contains an information disclosure vulnerability: when an administrator edits a user’s settings, a cleartext user password is exposed in the HTML source. This allows remote authenticated administrators to obtain sensitive information. The affected product/co...
CVE-2007-0651
MailEnable Professional (before 2.37) is affected by CVE-2007-0651 with multiple XSS flaws in the Web Mail Client. The vulnerabilities allow remote injection of arbitrary JavaScript by exploiting unsanitized content in email messages and in the ID parameter for mewebmail/base/default/lang/EN/{rig...
CVE-2008-1276
CVE-2008-1276 affects MailEnable Professional/Enterprise IMAP (MEIMAPS.EXE) up to version 3.13. Multiple buffer overflows allow remote authenticated attackers to execute arbitrary code via long arguments to FETCH, EXAMINE, and UNSUBSCRIBE commands. This is documented in the NVD entry and related ...
CVE-2006-4616
The CVE-2006-4616 issue affects the MailEnable SMTP service (Standard/Professional/Enterprise), where SPF lookups for domains with large records can trigger a NULL pointer exception in the SMTP service, allowing unauthenticated remote attackers to cause a denial of service. Affected products are ...
CVE-2008-1277
The CVE-2008-1277 issue affects MailEnable Professional Edition and Enterprise Edition up to version 3.13. The IMAP service (MEIMAPS.exe) is vulnerable when handling the SEARCH and APPEND commands without required arguments, causing a NULL pointer dereference and resulting in a denial of service....
CVE-2005-4402
CVE-2005-4402 describes a buffer overflow in MailEnable Professional (1.71 and earlier) and MailEnable Enterprise (1.1 and earlier). The root cause is a buffer overflow triggered by a long IMAP EXAMINE command, allowing remote authenticated users to potentially execute arbitrary code. The availab...
CVE-2005-4456
CVE-2005-4456 describes multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 prior to patch ME-10009, enabling remote attackers to crash the service and possibly execute arbitrary code via long LIST, LSUB, and UID FETCH commands. The description notes these may be alternat...
CVE-2006-5176
MailEnable Professional 2.0 and Enterprise 2.0 are affected by a buffer overflow in NTLM authentication, allowing remote, unauthenticated attackers to execute arbitrary code via the signature field of NTLM Type 1 messages. The issue enables remote code execution or service crash in the MailEnable...
CVE-2005-2222
Technical details about CVE-2005-2222 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories before drawing conclusions on impact or remediation.
CVE-2005-3993
CVE-2005-3993 affects MailEnable Professional 1.6 and earlier and MailEnable Enterprise 1.1 and earlier. The issue is multiple unspecified vulnerabilities that allow a denial of service (crash) via invalid IMAP commands. The provided documents do not specify the root cause details, affected versi...