Ipswitch IMail Server < 2006.21 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 4141

Synopsis

The remote mail server is affected by multiple vulnerabilities.

Description

The remote host is running Ipswitch IMail, a commercial messaging and collaboration suite for Windows. According to its banner, the version of Ipswitch IMail installed on the remote host has several buffer overflows in its IMAP service component, one of which can be exploited to execute arbitrary code with SYSTEM privileges prior to authentication. In addition, there is also an denial of service issue that can cause the IM server to crash without authentication.

Solution

Upgrade to version 2006.21 or higher.

See Also

http://www.securityfocus.com/archive/1/474040/30/0/threaded

http://www.zerodayinitiative.com/advisories/ZDI-07-042.html

http://www.zerodayinitiative.com/advisories/ZDI-07-043.html

http://archives.neohapsis.com/archives/bugtraq/2007-07/0276.html

http://archives.neohapsis.com/archives/bugtraq/2007-07/0278.html

http://www.ipswitch.com/support/imail/releases/im200621.asp

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=563

Plugin Details

Severity: Medium

ID: 4141

File Name: 4141.prm

Family: SMTP Servers

Published: 2007/07/19

Modified: 2016/11/23

Dependencies: 2004, 2005

Nessus ID: 25737

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.8

Temporal Score: 4.8

Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 6.3

Temporal Score: 5.9

Vector: CVSS3#AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ipswitch:imail_server

Exploitable With

Metasploit (Ipswitch IMail IMAP SEARCH Buffer Overflow)

Reference Information

CVE: CVE-2007-3925, CVE-2007-3927

BID: 24962

OSVDB: 36219, 36220, 45818, 45819