Intrusion PreventionHTTP.Overlong.Authorization.Header.Buffer.Overflow
Description
This indicates a possible exploit of a buffer overflow vulnerability in HTTPMail, a part of MailEnable, that may allow remote attackers to execute arbitrary code via a long HTTP Authorization header. To exploit this vulnerability, an attacker can send a specially crafted request to a vulnerable system on TCP port 8080, causing a buffer overflow that may allow execution of arbitrary code.
Affected Products
MailEnable Enterprise 1.04 and earlier.
Professional 1.54 and earlier.
Impact
The execution of arbitrary code on the system.
Recommended Actions
MailEnable addresses this issue in their hotfix dated April 22, 2005 (ME-10002).
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-01-20 | 15.761 | Name:MailEnable. WebMail. Authentication. Buffer. Overflow:HTTP. Overlong. Authorization. Header. Buffer. Overflow |
| 2020-01-17 | 15.760 | Sig Added |
| ID | 10910 |
| Created | Sep 16, 2005 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2005-1348 |
| Exploit Prediction Score | 89.91% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | MailEnable |