Signature Detail
Short Name |
SMTP:VULN:MAILENABLE-FS |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
SMTP |
Keywords |
MailEnable Format String |
Release Date |
2007/06/25 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: MailEnable Format String
This signature detects attempts to exploit a known vulnerability against MailEnale server. Attackers can send malicious format strings that can allow the remote execution of arbitrary code.
Extended Description
MailEnable is reported prone to a remote format string vulnerability. Reportedly this issue arises when the application handles malicious data passed through a malformed SMTP request. A successful attack may result in crashing the server or lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context the server. MailEnable 1.8 is reported vulnerable, however, it is possible that other versions are affected as well.
Affected Products
- MailEnable 1.8.0
References
- BugTraq: 12833
- CVE: CVE-2005-0804