CVE-2006-6997 - Vulnerability Details - OpenCVE

Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to "weakened authentication security" with unknown impact and attack vectors. NOTE: due to lack of details, it is not clear whether this is the same as CVE-2006-1792.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mailenable	Mailenable Enterprise Mailenable Standard

Configuration 1 [-]

OR	cpe:2.3:a:mailenable:mailenable_enterprise:1.0:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.00:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.1:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.01:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.02:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.2:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.03:::::::*
	cpe:2.3:a:mailenable:mailenable_enterprise:1.04:::::::*
	cpe:2.3:a:mailenable:mailenable_standard:1.71:::::::*
	cpe:2.3:a:mailenable:mailenable_standard:1.72:::::::*
	cpe:2.3:a:mailenable:mailenable_standard:1.701:::::::*
	cpe:2.3:a:mailenable:mailenable_standard:1.702:::::::*
	cpe:2.3:a:mailenable:mailenable_standard:1.703:::::::*
	cpe:2.3:a:mailenable:mailenable_standard:1.704:::::::*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1359.html
http://www.mailenable.com/enterprisehistory.asp
http://www.mailenable.com/professionalhistory.asp
http://www.mailenable.com/standardhistory.asp

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-02-12T11:00:00Z

Updated: 2024-09-17T02:33:03.597Z

Reserved: 2007-02-12T00:00:00Z

Link: CVE-2006-6997

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-02-12T11:28:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2006-6997

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to \"weakened authentication security\" with unknown impact and attack vectors. NOTE: due to lack of details, it is not clear whether this is the same as CVE-2006-1792."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-02-12T11:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.mailenable.com/professionalhistory.asp"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mailenable.com/enterprisehistory.asp"}, {"name": "20060320 [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1359.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mailenable.com/standardhistory.asp"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6997", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to \"weakened authentication security\" with unknown impact and attack vectors. NOTE: due to lack of details, it is not clear whether this is the same as CVE-2006-1792."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.mailenable.com/professionalhistory.asp", "refsource": "CONFIRM", "url": "http://www.mailenable.com/professionalhistory.asp"}, {"name": "http://www.mailenable.com/enterprisehistory.asp", "refsource": "CONFIRM", "url": "http://www.mailenable.com/enterprisehistory.asp"}, {"name": "20060320 [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1359.html"}, {"name": "http://www.mailenable.com/standardhistory.asp", "refsource": "CONFIRM", "url": "http://www.mailenable.com/standardhistory.asp"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:50:05.730Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mailenable.com/professionalhistory.asp"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mailenable.com/enterprisehistory.asp"}, {"name": "20060320 [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1359.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mailenable.com/standardhistory.asp"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6997", "datePublished": "2007-02-12T11:00:00Z", "dateReserved": "2007-02-12T00:00:00Z", "dateUpdated": "2024-09-17T02:33:03.597Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1E228B31-0D62-41E3-A475-550BBFAA4336", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "FCAA0B95-5875-41CF-90BA-EF07D240FF08", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "45540A37-2CBF-453F-8EFF-696B9318499F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "724E8638-CF5A-480B-89D7-0E029A0C5965", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.02:*:*:*:*:*:*:*", "matchCriteriaId": "48B664B5-EEF9-4C5F-B23C-E4D54DBF2EC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "39F83EAD-9296-4A24-BF7F-905CC93FEADD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.03:*:*:*:*:*:*:*", "matchCriteriaId": "E27EEFD5-19B1-4F0C-BD52-257594C37310", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_enterprise:1.04:*:*:*:*:*:*:*", "matchCriteriaId": "53BB6A16-65D3-43CF-BFB4-E0616476A979", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_standard:1.71:*:*:*:*:*:*:*", "matchCriteriaId": "C1FBE144-CB33-4726-B8E6-52CA42BE7C43", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_standard:1.72:*:*:*:*:*:*:*", "matchCriteriaId": "69A6721E-E25B-4502-892A-46054D920C92", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_standard:1.701:*:*:*:*:*:*:*", "matchCriteriaId": "21A4FCCB-D0CC-4B53-AAF0-F338950B05F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_standard:1.702:*:*:*:*:*:*:*", "matchCriteriaId": "DB172967-4C1A-4E5E-9B10-606CD185E495", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_standard:1.703:*:*:*:*:*:*:*", "matchCriteriaId": "73E2BEE2-6FBE-43B4-90AA-590D7CAEDA6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mailenable:mailenable_standard:1.704:*:*:*:*:*:*:*", "matchCriteriaId": "83A071CC-3210-4D98-A5D3-82FBCB29C657", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to \"weakened authentication security\" with unknown impact and attack vectors. NOTE: due to lack of details, it is not clear whether this is the same as CVE-2006-1792."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la caracter\u00edstica cryptographic en MailEnable Standard Edition anetrior a 1.93, Professional Edition anterior a 1.73, y Enterprise Edition anterior a 1.21 lleva a \"validaci\u00f3n de seguridad debil\" con un impacto desconocido y vectores de ataque, NOTA: debido a la escasez de detalles, no es\u00e1 claro si esto es lo mismo que CVE-2006-1792."}], "id": "CVE-2006-6997", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-12T11:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1359.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.mailenable.com/enterprisehistory.asp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.mailenable.com/professionalhistory.asp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.mailenable.com/standardhistory.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1359.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.mailenable.com/enterprisehistory.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.mailenable.com/professionalhistory.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.mailenable.com/standardhistory.asp"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}