CVE-2006-6423

MailEnable Professional and Enterprise Edition 1.1-2.35 - Stack-Based Buffer Overflow via IMAP Service

Title source: llm

Exploitation Summary

EIP tracks 4 public exploits for CVE-2006-6423. PoCs published by Metasploit, mu-b, MC, including Metasploit module exploits/windows/imap/mailenable_login.

AI-analyzed exploit summary This is a Metasploit module exploiting a buffer overflow in MailEnable IMAPD 2.35 via a malformed LOGIN command. It sends a crafted payload to achieve remote code execution on the target system.

Description

Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16475

View Code ZIP pw:eip

This is a Metasploit module exploiting a buffer overflow in MailEnable IMAPD 2.35 via a malformed LOGIN command. It sends a crafted payload to achieve remote code execution on the target system.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: MailEnable IMAPD 2.35

No auth needed

Prerequisites: Network access to the IMAP service (port 143) · Vulnerable version of MailEnable IMAPD

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by mu-b · perlremotewindows

https://www.exploit-db.com/exploits/3320

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Mail Enable Professional <=v2.35. It sends a crafted payload to the IMAP service (port 143) to achieve remote code execution via a win32 bind shell on port 1337.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Mail Enable Professional <=v2.35

No auth needed

Prerequisites: Network access to the target's IMAP service (port 143) · Vulnerable version of Mail Enable Professional

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by mu-b · perlremotewindows

https://www.exploit-db.com/exploits/3319

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Mail Enable Professional/Enterprise versions 2.32-4. It sends a crafted payload to the IMAP service (port 143) to achieve remote code execution via a win32 bind shell on port 1337.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Racy

Target: Mail Enable Professional/Enterprise v2.32-4 (win32)

No auth needed

Prerequisites: Network access to the target's IMAP service (port 143) · Timing adjustments may be required for successful exploitation

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC GREAT

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/imap/mailenable_login.rb

View Code ZIP pw:eip

This Metasploit module exploits a buffer overflow vulnerability in MailEnable IMAPD versions 2.34 and 2.35 via a malformed LOGIN command. It sends a crafted payload to achieve remote code execution on the target system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: MailEnable IMAPD 2.34/2.35

No auth needed

Prerequisites: Network access to the IMAP service (port 143) · Target running vulnerable MailEnable version

MITRE ATT&CK