fkie_nvd - fkie_cve-2006-6423

fkie_cve-2006-6423

Vulnerability from fkie_nvd

Published

2006-12-12 02:28

Modified

2025-04-09 00:30

Severity ?

Summary

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/23201
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2006-73/advisory/	Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://securityreason.com/securityalert/2022
PSIRT-CNA@flexerasoftware.com	http://www.mailenable.com/hotfix/	Patch, Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/454075/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/21492
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/30796
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23201
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2006-73/advisory/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/2022
af854a3a-2127-422b-91ae-364da2661108	http://www.mailenable.com/hotfix/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/454075/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21492
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/30796

Impacted products

Vendor	Product	Version
mailenable	mailenable_enterprise	1.1
mailenable	mailenable_enterprise	1.2
mailenable	mailenable_enterprise	1.11
mailenable	mailenable_enterprise	1.12
mailenable	mailenable_enterprise	1.13
mailenable	mailenable_enterprise	1.14
mailenable	mailenable_enterprise	1.15
mailenable	mailenable_enterprise	1.16
mailenable	mailenable_enterprise	1.17
mailenable	mailenable_enterprise	1.18
mailenable	mailenable_enterprise	1.19
mailenable	mailenable_enterprise	1.21
mailenable	mailenable_enterprise	1.22
mailenable	mailenable_enterprise	1.23
mailenable	mailenable_enterprise	1.24
mailenable	mailenable_enterprise	1.25
mailenable	mailenable_enterprise	1.26
mailenable	mailenable_enterprise	1.27
mailenable	mailenable_enterprise	1.28
mailenable	mailenable_enterprise	1.29
mailenable	mailenable_enterprise	1.30
mailenable	mailenable_enterprise	1.31
mailenable	mailenable_enterprise	1.32
mailenable	mailenable_enterprise	1.33
mailenable	mailenable_enterprise	1.34
mailenable	mailenable_enterprise	1.35
mailenable	mailenable_enterprise	1.36
mailenable	mailenable_enterprise	1.37
mailenable	mailenable_enterprise	1.38
mailenable	mailenable_enterprise	1.39
mailenable	mailenable_enterprise	1.40
mailenable	mailenable_enterprise	1.41
mailenable	mailenable_enterprise	2.35
mailenable	mailenable_professional	1.84

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45540A37-2CBF-453F-8EFF-696B9318499F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F83EAD-9296-4A24-BF7F-905CC93FEADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB6FB230-80C5-4B8D-898E-8C298B2207C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A640E156-FF31-48E6-9D98-E2E669C01C0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "04B96ED6-16EB-42A4-BDC6-0EE45EA38B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "455DD7A6-A83E-4200-B41B-505118FE8E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A5462F1-B6D9-43F0-982C-2E4534E79E02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3248B134-BF1F-4109-A0DC-DF9A01CC8156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "849A1A19-83BA-4984-947B-C47DAA515908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E3C2B12-AF3A-44D9-9C91-58F4AB1FE188",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "71A25D16-21ED-4EAD-A535-6000E77ECF35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7BAC3EA-3267-4AE2-A172-3B8D63B09B60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC5AC063-9D7B-45A2-9D90-B85E2DFBB6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD73FDB9-4A1E-4A8A-A541-21C7726A152C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "1491392B-467F-4CA0-B6D7-2A7478C4DFA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3F71BC-639F-4966-B05D-5E3BB9C5FA3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "056C7707-A07C-4F4A-8390-97885581802F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "0025F745-D34D-4275-9A3B-5530B7A0A520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFB9ECA3-FFF5-447D-B685-666669410D7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "B56A4283-E0DB-42CE-9551-FC3DBC7E50A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80F2B0F-8461-47C3-A07A-98681D255478",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E1599A-9928-4A06-B650-1238D62CD2C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E07825D6-EBA0-42B5-BE18-DA3D440A986D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C153370-5AD2-4020-9656-5BDD7644F692",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "50451621-1AF5-4A17-9355-62D78DDAE7A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC62336F-5F8F-4FF7-B2FB-CBBBAEC77162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "75BF5AF2-FAD4-48B4-B893-035F5A82A58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4F5CF79-543F-4ECA-B5A3-5212A1D0A18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "D80141E2-F98C-458C-BAFB-8272BD2BBE4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA17BD7-A9FC-4FA3-88D4-38D9BD197963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "393240E7-FE4F-4535-B5F0-6609F4A01646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83D1EA7-A3D6-41AA-B922-18885328D292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:2.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0743346-9637-498F-BAAF-B193E41A7927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*",
              "matchCriteriaId": "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en el servicio IMAP para MailEnable Professional y Enterprise Edition 2.0 hasta 2.35, Professional Edition 1.6 hasta 1.84, y Enterprise Edition 1.1 hasta 1.41 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un comando de pre-autenticaci\u00f3n seguido de un par\u00e1metro manipulado y una cadena larga como se indica en la actualizaci\u00f3n r\u00e1pida (hotfix) ME-10025"
    }
  ],
  "id": "CVE-2006-6423",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-12-12T02:28:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/23201"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2006-73/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://securityreason.com/securityalert/2022"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mailenable.com/hotfix/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/21492"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23201"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2006-73/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mailenable.com/hotfix/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/454075/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/21492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30796"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2006-6423 (GCVE-0-2006-6423)

Vulnerability from cvelistv5

Published

2006-12-12 02:00

Modified

2024-08-07 20:26