CVE-2006-6423

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/secunia_research/2006-73/advisory/	Patch Vendor Advisory
http://www.mailenable.com/hotfix/	Patch Vendor Advisory
http://www.securityfocus.com/bid/21492
http://secunia.com/advisories/23201
http://securityreason.com/securityalert/2022
https://exchange.xforce.ibmcloud.com/vulnerabilities/30796
http://www.securityfocus.com/archive/1/454075/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mailenable:mailenable_enterprise:1.16:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.17:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.24:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.25:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.32:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.33:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.41:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:2.35:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.13:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.14:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.15:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.1:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.39:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.11:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.23:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.19:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.18:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.28:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.26:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.12:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.29:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.35:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.21:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.38:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.30:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.27:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.37:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.36:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.31:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.22:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.40:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.34:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.2:::::::*
	cpe:2.3:a:mailenable:mailenable_professional:1.84:::::::*

Information

Published : 2006-12-11 18:28

Updated : 2018-10-17 14:48

NVD link : CVE-2006-6423

Mitre link : CVE-2006-6423

JSON object : View

CWE

NVD-CWE-Other

Products Affected

mailenable

mailenable_professional
mailenable_enterprise

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://secunia.com/secunia_research/2006-73/advisory/", "name": "http://secunia.com/secunia_research/2006-73/advisory/", "tags": ["Patch", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.mailenable.com/hotfix/", "name": "http://www.mailenable.com/hotfix/", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/21492", "name": "21492", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/23201", "name": "23201", "tags": [], "refsource": "SECUNIA"}, {"url": "http://securityreason.com/securityalert/2022", "name": "2022", "tags": [], "refsource": "SREASON"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796", "name": "mailenable-bounds-imap-bo(30796)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded", "name": "20061211 Secunia Research: MailEnable IMAP Service Buffer OverflowVulnerability", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-6423", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-12-12T02:28Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.41:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:2.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_enterprise:1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-17T21:48Z"}

10.0 /10