FTGate4 IMAP EXAMINE Command Remote Overflow

critical Nessus Plugin ID 20221

Synopsis

The remote IMAP server is prone to a buffer overflow.

Description

The remote host appears to be running a version of FTGate, a commercial groupware mail server for Windows from FTGate Technology Ltd.

The version of FTGate installed on the remote host includes an IMAP server that is prone to a buffer overflow attack due to boundary errors in its handling of various IMAP commands. An authenticated attacker can exploit this issue to crash the application itself and possibly to execute arbitrary code subject to the privileges of the SYSTEM user.

Solution

Upgrade to FTGate 4.4.002 or later.

See Also

https://www.securityfocus.com/archive/1/416876/30/0/threaded

http://members.ftgate.com/f4/topic.asp?TOPIC_ID=7298

Plugin Details

Severity: Critical

ID: 20221

File Name: ftgate_overflow.nasl

Version: 1.21

Type: remote

Published: 11/17/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: imap/login, imap/password

Excluded KB Items: imap/false_imap, imap/overflow

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/16/2005

Reference Information

CVE: CVE-2005-3640

BID: 15449