Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Ipswitch IMail < 8.15 Hotfix 1 IMAP EXAMINE Argument Buffer Overflow

High

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running a version of the Ipswitch Collaboration Suite / Ipswitch IMail IMAP server that is prone to a buffer overflow when processing an EXAMINE command with a long argument. Specifically, if an authenticated attacker sends an EXAMINE command with a malformed mailbox name of 259 bytes, the attacker will overwrite the saved stack frame pointer and potentially gain control of process execution.

Solution

Apply IMail Server 8.15 Hotfix 1 (February 3, 2005) or upgrade to a version greater than 8.15 when it becomes available.