CVE-2005-3155

MailEnable Enterprise 1.1 and Professional 1.6 - Buffer Overflow in W3C Logging

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-3155. PoCs published by Metasploit, y0, MC, including Metasploit module exploits/windows/imap/mailenable_w3c_select.

AI-analyzed exploit summary: This exploit targets a buffer overflow in MailEnable IMAPD's W3C logging functionality. It requires valid credentials and sends a maliciously crafted SELECT command to trigger the vulnerability, leading to remote code execution.

Description

Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.

Exploits (3)

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16480

This exploit targets a buffer overflow in MailEnable IMAPD's W3C logging functionality. It requires valid credentials and sends a maliciously crafted SELECT command to trigger the vulnerability, leading to remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: MailEnable Professional <= 1.6, MailEnable Enterprise <= 1.1
Auth required
Prerequisites: Valid username and password · W3C logging enabled · Network access to IMAP service
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC · VERIFIED
by y0 · remote · windows
https://www.exploit-db.com/exploits/1332

This exploit targets a buffer overflow in MailEnable IMAPD's W3C logging functionality. It requires valid credentials and sends a crafted SELECT command with a long string to trigger the overflow, leading to remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: MailEnable Professional <= 1.6, MailEnable Enterprise <= 1.1
Auth required
Prerequisites: Valid IMAP credentials · W3C logging enabled · Target running vulnerable MailEnable version
devstral-2 · analyzed Feb 16, 2026

metasploit · WORKING POC · GREAT
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/imap/mailenable_w3c_select.rb

This Metasploit module exploits a buffer overflow in MailEnable IMAPD's W3C logging feature. It requires valid credentials and targets versions 1.6 Pro or earlier, leveraging a SEH overwrite to achieve remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: MailEnable Professional/Enterprise <= 1.54
Auth required
Prerequisites: Valid IMAP credentials · W3C logging enabled · Network access to IMAPD service
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15006
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1014999
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17010
Patch x_refsource_confirm
http://www.mailenable.com/hotfix/

Scores

EPSS: 0.6369
EPSS Percentile: 99.1%

Details

Status: published
Products (2):
mailenable/mailenable_enterprise 1.1
mailenable/mailenable_professional 1.6
Published: Oct 05, 2005
Tracked Since: Feb 18, 2026