Vulnerability Description
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mailenable | Mailenable Enterprise | 1.1 |
| Mailenable | Mailenable Professional | 1.84 |
References
- http://secunia.com/advisories/23201
- http://secunia.com/secunia_research/2006-73/advisory/PatchVendor Advisory
- http://securityreason.com/securityalert/2022
- http://www.mailenable.com/hotfix/PatchVendor Advisory
- http://www.securityfocus.com/archive/1/454075/100/0/threaded
- http://www.securityfocus.com/bid/21492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30796
- http://secunia.com/advisories/23201
- http://secunia.com/secunia_research/2006-73/advisory/PatchVendor Advisory
- http://securityreason.com/securityalert/2022
- http://www.mailenable.com/hotfix/PatchVendor Advisory
- http://www.securityfocus.com/archive/1/454075/100/0/threaded
- http://www.securityfocus.com/bid/21492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30796
FAQ
What is CVE-2006-6423?
CVE-2006-6423 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allo...
How severe is CVE-2006-6423?
CVE-2006-6423 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6423?
Check the references section above for vendor advisories and patch information. Affected products include: Mailenable Mailenable Enterprise, Mailenable Mailenable Professional.