CVE-2005-1348

MailEnable <1.04 - RCE

Title source: llm

Description

Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16781

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by CorryL · perlremotewindows

https://www.exploit-db.com/exploits/952

View Code ZIP pw:eip

metasploit WORKING POC GREAT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/mailenable_auth_header.rb

View Code ZIP pw:eip

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=111445834220015&w=2

[URL Repurposed] http://www.x0n3-h4ck.org/upload/x0n3-h4ck_mailenable_https.pl

[Third Party Advisory, VDB Entry] http://www.osvdb.org/15737

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1013786

Scores

EPSS 0.9110

EPSS Percentile 99.6%

Details

Status published

Products (2)

mailenable/mailenable_enterprise < 1.04

mailenable/mailenable_professional < 1.54

Published May 02, 2005

Tracked Since Feb 18, 2026