This script is Copyright (C) 2002-2014 Digital Defense, Inc.
It may be possible to execute arbitrary commands on the remote
A vulnerability exists within IMail that allows remote attackers to
gain SYSTEM level access to servers running IMail's SMTP daemon
(versions 6.06 and below). The vulnerability stems from the IMail
SMTP daemon not doing proper bounds checking on various input data
that gets passed to the IMail Mailing List handler code. If an
attacker crafts a special buffer and sends it to a remote IMail SMTP
server, it is possible that an attacker can remotely execute code
(commands) on the IMail system.
See also :
Apply vendor-supplied patches.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.8
Public Exploit Available : false