Signature Detail

HTTP: MailEnable HTTP Authorization Overflow

This signature detects attempts to exploit a known vulnerability in the MailEnable mail server Web interface. An attacker can send an overly long authorization request to create a denial of service (DoS) or execute arbitrary code. Note: Vulnerability information and exploits are publically available.

Extended Description

MailEnable is prone to a remotely exploitable buffer overflow vulnerability. This issue occurs in the server's HTTP Header Field Definitions. This condition may be leveraged to overwrite sensitive program control variables, allowing a remote attacker to control execution flow of the server process.

Affected Products

• Mailenable mailenable_enterprise_edition 1.0.0
• Mailenable mailenable_enterprise_edition 1.0.0 1
• Mailenable mailenable_enterprise_edition 1.0.0 2
• Mailenable mailenable_enterprise_edition 1.0.0 3
• Mailenable mailenable_enterprise_edition 1.0.0 4
• Mailenable mailenable_professional 1.0.0 004
• Mailenable mailenable_professional 1.0.0 005
• Mailenable mailenable_professional 1.0.0 006
• Mailenable mailenable_professional 1.0.0 007
• Mailenable mailenable_professional 1.0.0 008
• Mailenable mailenable_professional 1.0.0 009
• Mailenable mailenable_professional 1.0.0 010
• Mailenable mailenable_professional 1.0.0 011
• Mailenable mailenable_professional 1.0.0 012
• Mailenable mailenable_professional 1.0.0 013
• Mailenable mailenable_professional 1.0.0 014
• Mailenable mailenable_professional 1.0.0 015
• Mailenable mailenable_professional 1.0.0 016
• Mailenable mailenable_professional 1.0.0 017
• Mailenable mailenable_professional 1.1.0
• Mailenable mailenable_professional 1.101.0
• Mailenable mailenable_professional 1.102.0
• Mailenable mailenable_professional 1.103.0
• Mailenable mailenable_professional 1.104.0
• Mailenable mailenable_professional 1.105.0
• Mailenable mailenable_professional 1.106.0
• Mailenable mailenable_professional 1.107.0
• Mailenable mailenable_professional 1.108.0
• Mailenable mailenable_professional 1.109.0
• Mailenable mailenable_professional 1.110.0
• Mailenable mailenable_professional 1.111.0
• Mailenable mailenable_professional 1.112.0
• Mailenable mailenable_professional 1.113.0
• Mailenable mailenable_professional 1.114.0
• Mailenable mailenable_professional 1.115.0
• Mailenable mailenable_professional 1.116.0
• Mailenable mailenable_professional 1.12.0
• Mailenable mailenable_professional 1.13.0
• Mailenable mailenable_professional 1.14.0
• Mailenable mailenable_professional 1.15.0
• Mailenable mailenable_professional 1.16.0
• Mailenable mailenable_professional 1.17.0
• Mailenable mailenable_professional 1.18.0
• Mailenable mailenable_professional 1.19.0
• Mailenable mailenable_professional 1.2.0
• Mailenable mailenable_professional 1.2.0 A
• Mailenable mailenable_professional 1.5.0
• Mailenable mailenable_professional 1.51.0
• Mailenable mailenable_professional 1.52.0
• Mailenable mailenable_professional 1.53.0
• Mailenable mailenable_professional 1.54.0

References

• BugTraq: 13350
• CVE: CVE-2005-1348