Published: 12/12/2006 Updated: 17/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 up to and including 2.35, Professional Edition 1.6 up to and including 1.84, and Enterprise Edition 1.1 up to and including 1.41 allows remote malicious users to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mailenable mailenable enterprise 1.16
mailenable mailenable enterprise 1.17
mailenable mailenable enterprise 1.24
mailenable mailenable enterprise 1.25
mailenable mailenable enterprise 1.32
mailenable mailenable enterprise 1.33
mailenable mailenable enterprise 1.41
mailenable mailenable enterprise 2.35
mailenable mailenable enterprise 1.13
mailenable mailenable enterprise 1.14
mailenable mailenable enterprise 1.15
mailenable mailenable enterprise 1.22
mailenable mailenable enterprise 1.23
mailenable mailenable enterprise 1.30
mailenable mailenable enterprise 1.31
mailenable mailenable enterprise 1.39
mailenable mailenable enterprise 1.40
mailenable mailenable enterprise 1.11
mailenable mailenable enterprise 1.12
mailenable mailenable enterprise 1.2
mailenable mailenable enterprise 1.21
mailenable mailenable enterprise 1.28
mailenable mailenable enterprise 1.29
mailenable mailenable enterprise 1.36
mailenable mailenable enterprise 1.37
mailenable mailenable enterprise 1.38
mailenable mailenable enterprise 1.1
mailenable mailenable enterprise 1.18
mailenable mailenable enterprise 1.19
mailenable mailenable enterprise 1.26
mailenable mailenable enterprise 1.27
mailenable mailenable enterprise 1.34
mailenable mailenable enterprise 1.35
mailenable mailenable professional 1.84

## # $Id: mailenable_loginrb 9179 2010-04-30 08:40:19Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

#!/usr/bin/perl # # maildisable-v3pl # # Mail Enable Professional/Enterprise v232-4 (win32) remote exploit # by mu-b - Thu Nov 23 2006 # # - Tested on: Mail Enable Professional v232 (win32) - with HOTFIX # Mail Enable Professional v233 (win32) # Mail Enable Professional v234 (win32) # # what does this remind you off? ...

#!/usr/bin/perl # # maildisable-v6pl # # Mail Enable Professional <=v235 (win32) remote exploit # by mu-b - Tue Dec 5 2006 # # - Tested on: Mail Enable Professional v235 (win32) # # Note: timing is quite critical with this!!, so change $send_delay # if it doesn't work # ######## use Getopt::Std; getopts('t:n:', \%arg); use Socket; ...

NVD-CWE-Other http://secunia.com/secunia_research/2006-73/advisory/http://www.mailenable.com/hotfix/http://www.securityfocus.com/bid/21492 http://secunia.com/advisories/23201 http://securityreason.com/securityalert/2022 https://exchange.xforce.ibmcloud.com/vulnerabilities/30796 http://www.securityfocus.com/archive/1/454075/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/16475/

CVE-2006-6423

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect