Ipswitch IMail Client Multipart MIME Email Message Handling Overflow

Severity: High. Nessus Plugin ID 27590

Synopsis

The remote Windows host contains a program that is prone to a buffer overflow attack.

Description

IMail Client, a tool for administering Ipswitch IMail Server, is installed on the remote Windows host.

The version of IMail Client on the remote host contains a boundary error that can be triggered by a long 'boundary' parameter when processing emails with multipart MIME data. If an attacker can trick the Ipswitch Mail Server administrator into opening a specially crafted email using the affected application, the attacker can leverage this issue to execute arbitrary code subject to the user's privileges.

Solution

Delete the IMail Client application.

See Also

https://secuniaresearch.flexerasoftware.com/secunia_research/2007-81/advisory/

https://www.securityfocus.com/archive/1/482988

Plugin Details

Severity: High

ID: 27590

File Name: ipswitch_imail_client.nasl

Version: 1.21

Type: local

Agent: windows

Family: Windows

Published: 10/30/2007

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:ipswitch:imail

Required KB Items: SMB/name, SMB/login, SMB/password

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2007-4345

BID: 26252

CWE: 119