FTGate4 IMAP EXAMINE Command Remote Overflow

This script is Copyright (C) 2005-2011 Tenable Network Security, Inc.


Synopsis :

The remote IMAP server is prone to a buffer overflow.

Description :

The remote host appears to be running a version of FTGate, a
commercial groupware mail server for Windows from FTGate Technology
Ltd.

The version of FTGate installed on the remote host includes an IMAP
server that is prone to a buffer overflow attack due to boundary
errors in its handling of various IMAP commands. An authenticated
attacker can exploit this issue to crash the application itself and
possibly to execute arbitrary code subject to the privileges of the
SYSTEM user.

See also :

http://www.securityfocus.com/archive/1/416876/30/0/threaded
http://members.ftgate.com/f4/topic.asp?TOPIC_ID=7298

Solution :

Upgrade to FTGate 4.4.002 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.5
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : false

Family: Gain a shell remotely

Nessus Plugin ID: 20221 (ftgate_overflow.nasl)

Bugtraq ID: 15449

CVE ID: CVE-2005-3640