CVE-2007-1301

MailEnable Enterprise and Professional Editions - Authenticated Stack-Based Buffer Overflow via IMAP APPEND Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1301. PoCs published by mu-b.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Mail Enable Professional/Enterprise versions 2.32-4. It sends a crafted APPEND command to the IMAP service (port 143) to execute a Win32 bind shell on port 1337.

Description

Stack-based buffer overflow in the IMAP service in MailEnable Enterprise and Professional Editions 2.37 and earlier allows remote authenticated users to execute arbitrary code via a long argument to the APPEND command. NOTE: this is probably different than CVE-2006-6423.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · perlremotewindows

https://www.exploit-db.com/exploits/3397

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Mail Enable Professional/Enterprise versions 2.32-4. It sends a crafted APPEND command to the IMAP service (port 143) to execute a Win32 bind shell on port 1337.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Mail Enable Professional/Enterprise v2.32-4 (win32)

Auth required

Prerequisites: Valid IMAP credentials · Network access to port 143

MITRE ATT&CK