CVE-2006-6423

Sažetak

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

Reference

http://secunia.com/advisories/23201
http://secunia.com/secunia_research/2006-73/advisory/
http://securityreason.com/securityalert/2022
http://www.mailenable.com/hotfix/
http://www.securityfocus.com/archive/1/454075/100/0/threaded
http://www.securityfocus.com/bid/21492
https://exchange.xforce.ibmcloud.com/vulnerabilities/30796

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-10-2018 - 21:48

Objavljeno

12-12-2006 - 02:28