MailEnable SMTP AUTH LOGIN buffer overflow
Added: 06/30/2006CVE: CVE-2005-1781
BID: 13772
OSVDB: 16851
Background
MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services.Problem
The SMTP service in MailEnable is affected by a buffer overflow vulnerability which could allow a remote unauthenticated attacker to execute arbitrary commands by sending a specially crafted AUTH LOGIN command.Resolution
Apply the hotfix.References
http://secunia.com/advisories/15487Limitations
Exploit works on MailEnable Enterprise Edition 1.04 on Windows 2000 SP4, Windows XP SP2, and Windows Server 2003 SP0.Platforms
Windows 2000Windows XP
Windows Server 2003
Back to exploit index