MailEnable WebAdmin Unauthorized Access Vulnerability
BID:21325
Info
MailEnable WebAdmin Unauthorized Access Vulnerability
| Bugtraq ID: | 21325 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 27 2006 12:00AM |
| Updated: | Nov 29 2006 08:50PM |
| Credit: | Reported by the vendor. |
| Vulnerable: |
MailEnable MailEnable Professional 2.32 MailEnable MailEnable Enterprise Edition 2.32 |
| Not Vulnerable: | |
Discussion
MailEnable WebAdmin Unauthorized Access Vulnerability
MailEnable is prone to a vulnerability that can allow remote attackers to gain unauthorized access to the application's web-administration console.
MailEnable Professional Edition 2.32 and Enterprise Edition 2.32 are reported affected; other versions may be vulnerable as well.
MailEnable is prone to a vulnerability that can allow remote attackers to gain unauthorized access to the application's web-administration console.
MailEnable Professional Edition 2.32 and Enterprise Edition 2.32 are reported affected; other versions may be vulnerable as well.
Exploit / POC
MailEnable WebAdmin Unauthorized Access Vulnerability
An exploit is not required; attackers can access the service with a web client.
An exploit is not required; attackers can access the service with a web client.
Solution / Fix
MailEnable WebAdmin Unauthorized Access Vulnerability
Solution:
The vendor has released a fix to address this issue.
MailEnable MailEnable Professional 2.32
MailEnable MailEnable Enterprise Edition 2.32
Solution:
The vendor has released a fix to address this issue.
MailEnable MailEnable Professional 2.32
-
MailEnable ME-10019.ZIP
http://www.mailenable.com/hotfix/ME-10019.ZIP
MailEnable MailEnable Enterprise Edition 2.32
-
MailEnable ME-10019.ZIP
http://www.mailenable.com/hotfix/ME-10019.ZIP
References
MailEnable WebAdmin Unauthorized Access Vulnerability
References:
References:
- MailEnable Homepage (MailEnable)
- MailEnable Hotfix Page (MailEnable)