Ipswitch Collaboration Suite / IMail SMTPD Multiple Commands Format String
High Nessus Plugin ID 20319
SynopsisThe remote SMTP server is affected by a format string vulnerability.
DescriptionThe remote host is running Ipswitch Collaboration Suite or IMail Server, commercial messaging and collaboration suites for Windows.
The version of Ipswitch Collaboration Suite / IMail server installed on the remote host contains an SMTP server that suffers from a format string flaw. By supplying a specially formatted argument to the 'EXPN', 'MAIL', 'MAIL FROM', or 'RCPT TO' commands, a remote attacker may be able to corrupt memory on the affected host, crash the service, or even execute arbitrary code remotely.
SolutionUpgrade to Ipswitch Collaboration Suite 2.02 / IMail 8.22 or later.