Tim Shelton

**Name of the Vulnerable Software and Affected Versions** MailEnable Professional versions 1.71 and prior MailEnable Enterprise versions 1.1 and prior **Description** The issue is related to multiple buffer overflows in MailEnable, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via long commands such as `LIST`, `LSUB`, and `UID FETCH`. These vulnerabilities can be exploited by an authenticated user to cause a DoS via malformed arguments or to cause a stack-based buffer overflow via an overly long argument. **Recommendations** For MailEnable Professional versions 1.71 and prior, apply patch ME-10009 to resolve the issue. For MailEnable Enterprise versions 1.1 and prior, apply patch ME-10009 to resolve the issue. As a temporary workaround, consider restricting access to the IMAP service or disabling the `UID FETCH`, `LIST`, and `LSUB` commands until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** MailEnable Enterprise versions 1.1 and prior MailEnable Professional versions 1.71 and prior **Description** The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via several "..." (triple dot) sequences in a `UID FETCH` command. It is also caused by errors in handling arguments passed to certain IMAP commands, such as `UID FETCH`, `LIST`, and `LSUB`. This can be exploited by an authenticated user to cause a DoS via malformed arguments or to cause a stack-based buffer overflow via an overly long argument. **Recommendations** For MailEnable Enterprise version 1.1, apply patch ME-10009 to resolve the issue. For MailEnable Enterprise versions prior to 1.1, update to version 1.1 and apply patch ME-10009. For MailEnable Professional version 1.71 and prior, update to a version later than 1.71. As a temporary workaround, consider restricting access to the `UID FETCH`, `LIST`, and `LSUB` IMAP commands until a patch is available.

**Name of the Vulnerable Software and Affected Versions** VMWare Workstation version 5.5 GSX Server version 3.2 ACE version 1.0.1 Player version 1.0 **Description** A heap-based buffer overflow issue exists in the NAT networking components vmnat.exe and vmnet-natd. This allows remote authenticated attackers, including guests, to execute arbitrary code via crafted FTP commands, specifically EPRT and PORT commands. **Recommendations** For VMWare Workstation version 5.5, update to a version that includes the fix for this issue. For GSX Server version 3.2, update to a version that includes the fix for this issue. For ACE version 1.0.1, update to a version that includes the fix for this issue. For Player version 1.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the NAT networking components vmnat.exe and vmnet-natd to minimize the risk of exploitation.