Signature Detail
Short Name |
IMAP:OVERFLOW:MAILENABLE-APPEND |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
IMAP |
Keywords |
MailEnable Append Command BOF |
Release Date |
2011/03/02 |
Update Number |
1876 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
IMAP: MailEnable Append Buffer Overflow Vulnerability
This signature detects attempts to exploit a known buffer overflow vulnerability in MailEnable application. It is due to insufficient bound checking on a user-supplied buffer length value in a APPEND command. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the MailEnable application.
Extended Description
MailEnable is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
- MailEnable MailEnable Professional 2.32
- MailEnable MailEnable Professional 2.33
- MailEnable MailEnable Professional 2.35
- MailEnable MailEnable Professional 2.37
References
- BugTraq: 22792