Ipswitch IMail Client Multipart MIME Email Message Handling Overflow
High Nessus Plugin ID 27590
SynopsisThe remote Windows host contains a program that is prone to a buffer overflow attack.
DescriptionIMail Client, a tool for administering Ipswitch IMail Server, is installed on the remote Windows host.
The version of IMail Client on the remote host contains a boundary error that can be triggered by a long 'boundary' parameter when processing emails with multipart MIME data. If an attacker can trick the Ipswitch Mail Server administrator to open a specially crafted email using the affected application, he can leverage this issue to execute arbitrary code subject to the user's privileges.
SolutionDelete the IMail Client application.