PT-2006-7032 · Mailenable · Mailenable Enterprise Edition+1

Jj Reyes

Publicado

2006-12-12

Atualizado

2018-10-17

CVE-2006-6423

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions MailEnable Professional Edition versions 1.6 through 1.84 MailEnable Professional Edition versions 2.0 through 2.35 MailEnable Enterprise Edition versions 1.1 through 1.41

Description The issue is a stack-based buffer overflow in the IMAP service, allowing remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string.

Recommendations For MailEnable Professional Edition versions 1.6 through 1.84, apply the ME-10025 hotfix. For MailEnable Professional Edition versions 2.0 through 2.35, apply the ME-10025 hotfix. For MailEnable Enterprise Edition versions 1.1 through 1.41, apply the ME-10025 hotfix.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-6423

Produtos afetados

Mailenable Enterprise Edition

Mailenable Professional Edition

PT-2006-7032 · Mailenable · Mailenable Enterprise Edition+1

CVE-2006-6423

Identificadores relacionados

Produtos afetados

Referências · 12