CVE-2006-5177

MailEnable Professional/E 2.0 - RCE/DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5177. PoCs published by mu-b.

AI-analyzed exploit summary This exploit targets MailEnable Professional/Enterprise versions <= 2.35 by sending malformed NTLM authentication requests to the IMAP service, causing an out-of-bounds read that results in a denial-of-service (DoS). The PoC connects to the target IMAP port (143) and sends crafted base64-encoded payloads to trigger the vulnerability.

Description

The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · perldoswindows

https://www.exploit-db.com/exploits/28735

View Code ZIP pw:eip

This exploit targets MailEnable Professional/Enterprise versions <= 2.35 by sending malformed NTLM authentication requests to the IMAP service, causing an out-of-bounds read that results in a denial-of-service (DoS). The PoC connects to the target IMAP port (143) and sends crafted base64-encoded payloads to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: MailEnable Professional/Enterprise <= 2.35

No auth needed

Prerequisites: Network access to the target IMAP service (port 143)

MITRE ATT&CK