Description: | | A buffer overflow vulnerability exists in the MailEnable server product line. The flaw is caused by insufficient sanitization of user supplied data before it is being processed by the logging facilities. Successful exploitation of this flaw allows a remote attacker to inject and execute arbitrary code on the target host. An attack may result in either a denial of service condition of the affected service or diversion of the process flow of the affected process. In the case of a successful code execution attack, the process flow will be diverted to attacker supplied code which is injected during the attack. Such an attack would most likely also result in a denial of service condition, as the IMAP server process would not retain its intended functionality. If such an attack is not successful, then a denial of service condition will result. In the case of a denial of service attack, the affected process will terminate and will have to be manually restarted in order to restore functionality. |