MailEnable < 1.53 IMAP Service Multiple Remote Pre-Authentication Buffer Overflows

high Nessus Network Monitor Plugin ID 2435

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running a version of MailEnable Professional that is older than version 1.53. The remote version of this software is known to be prone to multiple remote buffer overflow vulnerabilities that have been fixed in version 1.53.

Solution

Upgrade to version 1.53 or higher.

See Also

http://www.mailenable.com/hotfix/default.asp

http://www.hat-squad.com/en/000102.html

Plugin Details

Severity: High

ID: 2435

Family: SMTP Servers

Published: 11/30/2004

Updated: 3/6/2019

Nessus ID: 15852

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:mailenable:mailenable

Reference Information

CVE: CVE-2004-2501

BID: 11755