MailEnable Mail Server HTTPMail Remote Heap Overflow Vulnerability

Vulnerability ID: 1107938
Vulnerability type: Buffer overflow
Published: 2004-05-09
Updated: 2007-10-10
CVE ID: CVE-2004-2727
CNNVD-ID: CNNVD-200412-881
Platform: Windows
CVSS score: 4.3
|Vulnerability Source
https://www.exploit-db.com/exploits/24103
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-881
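|Vulnerability Details
MailEnable is a commercial POP3 and SMTP server. The 'Professional' and 'Enterprise' editions of MailEnable have a remote heap overflow issue that a remote attacker can exploit to execute arbitrary commands on the system with SYSTEM privileges. The cause is that the system lacks sufficient buffer boundary checks for GET requests containing a large amount of data; carefully crafted submitted data may execute arbitrary commands on the system with SYSTEM privileges.
|Vulnerability Exploit (EXP)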
source: http://www.securityfocus.com/bid/10312/info

MailEnable is a commercially available POP3 and SMTP server for the Windows platform.

The 'Professional' and 'Enterprise' editions of MailEnable are reported to be prone to a remote heap buffer overflow. The overflow allows the attacker to control the EAX and ECX registers, allowing arbitrary code execution as SYSTEM.

All versions up to and including 1.18 are reported to be affected.

If logging is enabled, the request could contain:

GET /{4032 x A} HTTP/1.1

or, without logging:

GET /{8501 x A} HTTP/1.1
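
A defensive check built on the two lengths above, as an added example that is not part of the original advisory: it scans captured HTTP request lines and flags any request-target that reaches the 4032 or 8501 byte lengths the advisory reports. The function names, verdict strings and sample lines are constructed for illustration, and measuring the raw, undecoded request-target after the leading "/" is an assumption.

```python
import re

# Lengths quoted in the advisory (bytes after the leading "/").
LEN_LOGGING_ON = 4032    # reported for servers with logging enabled
LEN_LOGGING_OFF = 8501   # reported for servers without logging

# METHOD SP request-target SP HTTP-version, optional line ending.
REQUEST_LINE = re.compile(rb"([A-Z]+) (\S+) HTTP/\d\.\d\r?\n?")

def target_length(request_line):
    """Length of the raw request-target without its leading '/', or None
    when the line is not a well-formed request line."""
    m = REQUEST_LINE.fullmatch(request_line)
    if m is None:
        return None
    target = m.group(2)
    return len(target) - 1 if target.startswith(b"/") else len(target)

def classify(request_line):
    n = target_length(request_line)
    if n is None:
        # A capture that cut an overlong line short also lands here,
        # so malformed lines are reported instead of being skipped.
        return "malformed"
    if n >= LEN_LOGGING_OFF:
        return "reaches-8501"
    if n >= LEN_LOGGING_ON:
        return "reaches-4032"
    return "ok"

def scan(request_lines):
    """Return (line number, verdict) for every line that is not 'ok'."""
    findings = []
    for lineno, line in enumerate(request_lines, start=1):
        verdict = classify(line)
        if verdict != "ok":
            findings.append((lineno, verdict))
    return findings

# Constructed sample input, not taken from a real capture.
SAMPLE = [
    b"GET /index.html HTTP/1.1\r\n",
    b"GET /" + b"x" * 4031 + b" HTTP/1.1\r\n",
    b"GET /" + b"x" * 4032 + b" HTTP/1.1\r\n",
    b"GET /" + b"x" * 8501 + b" HTTP/1.1\r\n",
    b"GET /" + b"x" * 9000 + b"\r\n",   # no HTTP version: truncated line
]

if __name__ == "__main__":
    for lineno, verdict in scan(SAMPLE):
        print(lineno, verdict)
```

The two constants are the lengths as reported, not verified minimums, so an alerting rule in front of an affected server would normally use a lower limit.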
|References

Source: BID
Name: 10312
Link: http://www.securityfocus.com/bid/10312
Source: VUPEN
Name: ADV-2005-0383
Link: http://www.frsirt.com/english/advisories/2005/0383
Source: SECUNIA
Name: 11588
Link: http://secunia.com/advisories/11588
Source: XF
Name: mailenable-disabled-mehttps-bo(16115)
Link: http://xforce.iss.net/xforce/xfdb/16115
Source: XF
Name: mailenable-enabled-mehttps-dos(16114)
Link: http://xforce.iss.net/xforce/xfdb/16114
Source: OSVDB
Name: 6038
Link: http://www.osvdb.org/6038
Source: OSVDB
Name: 6037
Link: http://www.osvdb.org/6037
Source: SECTRACK
Name: 1010107
Link: http://securitytracker.com/id?1010107
Source: NSFOCUS
Name: 6423
Link: http://www.nsfocus.net/vulndb/6423