IA eMailServer IMAP SEARCH Command Remote Overflow
Medium Nessus Plugin ID 20960
Synopsis
The remote IMAP server is susceptible to buffer overflow attacks.
Description
The remote host is running IA eMailServer, a commercial messaging system for Windows.
The IMAP server bundled with the version of IA eMailServer installed on the remote host crashes when it receives a SEARCH command argument of 560 or more characters. An authenticated attacker could exploit this issue to crash the service and possibly to execute arbitrary code remotely.
Note that IA eMailServer can be configured to run as a service with LOCAL SYSTEM privileges, although this is not the default.
Solution
Unknown at this time.
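
With no fix available, one interim check is to flag oversized SEARCH arguments in captured IMAP client traffic. The following is an added example, not part of the Nessus plugin or the vendor's software; it assumes one client command per line (for instance from a proxy log), and the function names and sample lines are constructed for illustration.

```python
import re

THRESHOLD = 560  # argument length at which the advisory reports the crash

# tag, optional "UID" prefix, SEARCH, then the rest of the command line
_CMD = re.compile(r'^(\S+)\s+(?:UID\s+)?SEARCH\s+(.*)$', re.IGNORECASE)
# a quoted string, or a run of non-space characters
_TOKEN = re.compile(r'"((?:[^"\\]|\\.)*)"|(\S+)')
# IMAP literal announcement such as {600} or {600+}
_LITERAL = re.compile(r'^\{(\d+)\+?\}$')


def longest_argument(args):
    """Return the length of the longest single argument in a SEARCH line."""
    longest = 0
    for quoted, atom in _TOKEN.findall(args):
        literal = _LITERAL.match(atom) if atom else None
        if literal:
            # The literal body arrives on later lines; trust the announced size.
            size = int(literal.group(1))
        elif atom:
            size = len(atom)
        else:
            size = len(quoted)
        longest = max(longest, size)
    return longest


def flag_long_search(lines, threshold=THRESHOLD):
    """Return (tag, length) for each SEARCH whose longest argument >= threshold."""
    hits = []
    for line in lines:
        m = _CMD.match(line.rstrip("\r\n"))
        if not m:
            continue
        size = longest_argument(m.group(2))
        if size >= threshold:
            hits.append((m.group(1), size))
    return hits


# Constructed sample of client-to-server lines (not real traffic).
SAMPLE = [
    'a001 LOGIN user "password"',
    'a002 SEARCH SUBJECT "quarterly report"',
    'a003 SEARCH SUBJECT ' + 'x' * 560,
    'a004 UID SEARCH TEXT {600}',
    'a005 SEARCH FROM "bob" SINCE 1-Feb-2006',
]

if __name__ == "__main__":
    print(flag_long_search(SAMPLE))
```

Because the issue requires authentication, a hit can be correlated with the account that logged in on the same connection.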