CVE-2008-1277

MailEnable Professional and Enterprise < 3.13 - Denial of Service via IMAP SEARCH and APPEND Commands

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1277. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The provided text describes multiple remote vulnerabilities in MailEnable's IMAP service, including buffer overflows and denial-of-service issues due to NULL-pointer exceptions. It references external links for exploit binaries but does not contain actual exploit code.

Description

The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/31360

View Code ZIP pw:eip

The provided text describes multiple remote vulnerabilities in MailEnable's IMAP service, including buffer overflows and denial-of-service issues due to NULL-pointer exceptions. It references external links for exploit binaries but does not contain actual exploit code.

Classification

Writeup 90%

Attack Type

Rce | Dos

Complexity

Moderate

Reliability

Theoretical

Target: MailEnable 3.13

No auth needed

Prerequisites: Network access to the IMAP service

MITRE ATT&CK