Juniper Networks

Signature Detail


Short Name: IMAP:OVERFLOW:MAILENABLE-OF
Severity: High
Recommended: No
Recommended Action: Drop
Category: IMAP
Keywords: MailEnable Status Overflow
Release Date: 2005/10/25
Update Number: 1213
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

IMAP: MailEnable Status Overflow


This signature detects attempts to exploit a known vulnerability in MailEnable Professional. MailEnable Professional version 1.5 and earlier might be vulnerable. Attackers can attempt to exploit this vulnerability by supplying a large input string to the IMAP STATUS command. Successful exploitation can lead to arbitrary remote code execution.

Extended Description

MailEnable's IMAP server is prone to a remotely exploitable stack-based buffer overflow vulnerability. The issue is caused by the application's failure to properly bounds-check user-supplied data before copying it to a fixed-size memory buffer. Remote attackers may exploit this vulnerability to execute arbitrary machine code in the context of the affected application. This allows attackers to gain System-level privileges, resulting in the complete compromise of the targeted computer.

Affected Products

  • MailEnable MailEnable Enterprise Edition 1.0.0
  • MailEnable MailEnable Enterprise Edition 1.0.0 1
  • MailEnable MailEnable Enterprise Edition 1.0.0 2
  • MailEnable MailEnable Enterprise Edition 1.0.0 3
  • MailEnable MailEnable Enterprise Edition 1.0.0 4
  • MailEnable MailEnable Professional 1.5.0
  • MailEnable MailEnable Professional 1.51.0
  • MailEnable MailEnable Professional 1.52.0
  • MailEnable MailEnable Professional 1.53.0
  • MailEnable MailEnable Professional 1.54.0

References

  • BugTraq: 14243
  • CVE: CVE-2005-2278

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.