CVE-2006-6423 Information

Description

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35 Professional Edition 1.6 through 1.84 and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string as addressed by the ME-10025 hotfix.

Reference

http://secunia.com/advisories/23201 http://secunia.com/secunia_research/2006-73/advisory/ http://securityreason.com/securityalert/2022 http://www.mailenable.com/hotfix/ http://www.securityfocus.com/archive/1/454075/100/0/threaded http://www.securityfocus.com/bid/21492 https://exchange.xforce.ibmcloud.com/vulnerabilities/30796