Vulnerabilities > CVE-2005-3155 - Buffer Overflow vulnerability in MailEnable W3C Logging

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mailenable
nessus
exploit available
metasploit
NVD
Published: 2005-10-05
Updated: 2008-09-05

Summary

Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.

Vulnerable Configurations

Part Description Count
Application
Mailenable
2

Exploit-Db

  • descriptionMailEnable IMAPD W3C Logging Buffer Overflow. CVE-2005-3155. Remote exploit for windows platform
    idEDB-ID:16480
    last seen2016-02-01
    modified2010-06-15
    published2010-06-15
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16480/
    titleMailEnable IMAPD W3C Logging Buffer Overflow
  • descriptionMailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit. CVE-2005-3155. Remote exploit for windows platform
    idEDB-ID:1332
    last seen2016-01-31
    modified2005-11-20
    published2005-11-20
    reportery0
    sourcehttps://www.exploit-db.com/download/1332/
    titleMailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit

Metasploit

descriptionThis module exploits a buffer overflow in the W3C logging functionality of the MailEnable IMAPD service. Logging is not enabled by default and this exploit requires a valid username and password to exploit the flaw. MailEnable Professional version 1.6 and prior and MailEnable Enterprise version 1.1 and prior are affected.
idMSF:EXPLOIT/WINDOWS/IMAP/MAILENABLE_W3C_SELECT
last seen2020-02-29
modified2017-07-24
published2005-12-05
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3155
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/imap/mailenable_w3c_select.rb
titleMailEnable IMAPD W3C Logging Buffer Overflow

Nessus

NASL familyWindows
NASL idMAILENABLE_IMAP_LOGGING_OVERFLOW.NASL
descriptionThe remote host is running a version of MailEnable
last seen2020-06-01
modified2020-06-02
plugin id19783
published2005-10-04
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/19783
titleMailEnable IMAP Server W3C Logging Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83006/mailenable_w3c_select.rb.txt
idPACKETSTORM:83006
last seen2016-12-05
published2009-11-26
reporterMC
sourcehttps://packetstormsecurity.com/files/83006/MailEnable-IMAPD-W3C-Logging-Buffer-Overflow.html
titleMailEnable IMAPD W3C Logging Buffer Overflow

Saint

bid15006
descriptionMailEnable IMAP W3C Logging Buffer Overflow
idmail_imap_mailenable,mail_imap_mailenableent
osvdb19842
titlemailenable_imap_w3c_logging
typeremote

References