Related information

Multiple MailEnable mail server vulnerabilities

[SA18668] MailEnable Professional EXAMINE Command Denial of Service

[Full-disclosure] [ACSSEC-2005-11-27- 0x2] Remote Overflows in Mailenable Enterprise 1.1 / Professional 1.7

[SA17820] MailEnable Invalid IMAP Commands Denial of Service Vulnerability

MailEnable IMAP DOS

From:	muts <muts_(at)_inter.net.il>
Date:	20.12.2005
Subject:	[Full-disclosure] Remote Buffer Overflow in Mailenable Enterprise 1.1

See-Security Research and Development.

[-] Product Information

MailEnable's mail server software provides a powerful, scalable hosted
messaging platform for Microsoft Windows. MailEnable offers stability,
unsurpassed flexibility and an extensive feature set which allows you to
provide cost-effective mail services.

[-] Vulnerability Description
A remote buffer overflow exists in MailEnable Enterprise 1.1 IMAP EXAMINE
command, which allows for post authentication code execution.
This vulnerability affects Mailenable Enterprise 1.1 *without* the
ME-10009.EXE patch.

[-] Vendor Notification
Vendor Notified, patch released, no animals harmed.

[-] Exploit
PoC code can be found @:
http://www.hackingdefined.com/exploits/mailenable-imap-examine.py
http://www.hackingdefined.com/exploits/muts_mailenable_imap_examine.pm


[-] Credits
The vulnerability was discovered by Mati Aharoni.
Exploit coded by Mati Aharoni and Jacky Altal.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/