Summary
The target is running at least one instance of MailEnable's IMAP service. Two flaws exist in MailEnable Professional Edition 1.52 and earlier as well as MailEnable Enterprise Edition 1.01 and earlier - a stack-based buffer overflow and an object pointer overwrite. A remote attacker can use either vulnerability to execute arbitrary code on the target. More information is available at :
http://www.hat-squad.com/en/000102.html
Solution
Apply the IMAP hotfix dated 25 November 2004 and found at :
http://www.mailenable.com/hotfix/default.asp
Severity
Classification
-
CVE CVE-2004-2501 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities