[Full-disclosure] [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow

Type securityvulns
Reporter Securityvulns
Modified 2006-03-21T00:00:00



MailEnable POP3 Pre-Authentication Buffer Overflow [MU-200603-01] March 20, 2006


Affected Product / Versions:

MailEnable Professional 1.7, 1.71, 1.72 MailEnable Standard 1.91, 1.92 MailEnable Enterprise 1.2 MailEnable 2.0 betas

Product Overview:

"MailEnable's mail server software provides a powerful, scalable hosted messaging platform for Microsoft Windows. MailEnable offers stability, unsurpassed flexibility and an extensive feature set which allows you to provide cost-effective mail services."

Vulnerability Details:

A remote buffer overflow condition in MailEnable's POP3 service could allow for arbitrary code execution. The vulnerable code can be exercised remotely without authentication.

A second less critical bug was also reported and remedied. The bug involved a cryptographic implementation mistake that weakened authentication security.

Vendor Response / Solution:

Hotfix solution to this advisory: http://www.mailenable.com/hotfix/ME-10011.EXE

All hotfixes are available from: http://www.mailenable.com/hotfix

All versions have been updated to include the hotfix: http://www.mailenable.com/mailenablestandard.exe http://www.mailenable.com/mailenableprof.exe http://www.mailenable.com/mailenableent.exe

Mu Security would like to thank MailEnable in advance for timely remediation of these vulnerabilities.


This vulnerability was discovered by the Mu Security research team.


Mu Security is an early-stage innovator creating a new class of security analysis system. The company's mission is to widely deploy security analysis and reduce product and application vulnerabilities. Mu's founders include industry-recognized experts in the IDP, open source protocol analysis tools, ethical hacking, and network management markets The security analysis process and product solution provide a rigorous and streamlined methodology for verifying and improving the security readiness of any IP-based product or application. Mu Security, headquartered in Sunnyvale, California, is backed by preeminent venture capital firms including Accel Partners and Benchmark Capital.

The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (Darwin)

iD8DBQFEHy3hMl+docYeP+YRArUmAJ9vTonYk35qqowtX2nXPC/1qcKoJgCfSTcy IXCinIZDFIdL/DDnNQwtgnk= =Wuyy -----END PGP SIGNATURE-----

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/