In association with heise online

09 March 2007, 12:17

Patch for mail server MailEnable

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

MailEnable has closed a hole in its eponymous mail server that attackers were able to use to execute arbitrary code on a system. The flaw is the result of a buffer overflow in the IMAP service that can occur during the processing of APPEND commands. Attackers have to have a valid account because this command is only available after authentication. MailEnable Enterprise Edition 1.x, 2.x and MailEnable Professional 1.x and 2.x were affected. A hot fix can now be downloaded and should be installed as quickly as possible because an exploit for the hole is already in circulation.

For more information, see:

(ehe)

Print Version | Send by email | Permalink: http://h-online.com/-732451
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit