SynopsisThe remote mail server is affected by an information disclosure vulnerability.
DescriptionThe remote host appears to be running Ipswitch IMail Server 11.x or 12.x older than version 12.3 and is, therefore, affected by an information disclosure vulnerability due to the included OpenSSL version.
An error exists related to the SSL/TLS/DTLS protocols, CBC mode encryption and response time. An attacker could obtain plaintext contents of encrypted traffic via timing attacks.
SolutionUpgrade to Ipswitch IMail Server version 12.3 or later.