CVE-2004-2501

MailEnable Professional and Enterprise - Buffer Overflow via IMAP Service Long Command String

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2501. PoCs published by class101.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in MailEnable IMAP Service (CVE-2004-2501) to execute a bind shell on port 101. It constructs a malicious payload with shellcode and sends it to the target server.

Description

Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.

Exploits (1)

exploitdb WORKING POC VERIFIED

by class101 · cremotewindows

https://www.exploit-db.com/exploits/658

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in MailEnable IMAP Service (CVE-2004-2501) to execute a bind shell on port 101. It constructs a malicious payload with shellcode and sends it to the target server.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: MailEnable Pro/Enterprise v1.52/v1.01

No auth needed

Prerequisites: Network access to the target IMAP service (port 143 by default)

MITRE ATT&CK