Vulnerabilities > CVE-2005-1348 - Unspecified vulnerability in Mailenable Enterprise and Mailenable Professional

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
mailenable
exploit available
metasploit

Summary

Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.

Vulnerable Configurations

Part Description Count
Application
Mailenable
2

Exploit-Db

  • descriptionMailEnable Enterprise & Professional https Remote BoF Exploit. CVE-2005-1348. Remote exploit for windows platform
    idEDB-ID:952
    last seen2016-01-31
    modified2005-04-25
    published2005-04-25
    reporterCorryL
    sourcehttps://www.exploit-db.com/download/952/
    titleMailEnable Enterprise & Professional https Remote BoF Exploit
  • descriptionMailEnable Authorization Header Buffer Overflow. CVE-2005-1348. Remote exploit for windows platform
    idEDB-ID:16781
    last seen2016-02-02
    modified2010-07-07
    published2010-07-07
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16781/
    titleMailEnable Authorization Header Buffer Overflow

Metasploit

descriptionThis module exploits a remote buffer overflow in the MailEnable web service. The vulnerability is triggered when a large value is placed into the Authorization header of the web request. MailEnable Enterprise Edition versions prior to 1.0.5 and MailEnable Professional versions prior to 1.55 are affected.
idMSF:EXPLOIT/WINDOWS/HTTP/MAILENABLE_AUTH_HEADER
last seen2020-03-11
modified2017-09-14
published2007-01-07
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/mailenable_auth_header.rb
titleMailEnable Authorization Header Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83047/mailenable_auth_header.rb.txt
idPACKETSTORM:83047
last seen2016-12-05
published2009-11-26
reporterDavid Maciejak
sourcehttps://packetstormsecurity.com/files/83047/MailEnable-Authorization-Header-Buffer-Overflow.html
titleMailEnable Authorization Header Buffer Overflow

Saint

bid13350
descriptionMailEnable HTTPMail Authorization header buffer overflow
idmail_web_mailenable,mail_web_mailenableauthbo
osvdb15737
titlemailenable_httpmail_authorization
typeremote