Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Ipswitch IMail Client < 2006.23 Multipart MIME Email Overflow

Medium

Synopsis

The remote Windows host contains a program that is prone to a buffer overflow attack.

Description

IMail Client, a tool for administering Ipswitch IMail Server, is installed on the remote Windows host. The version of IMail Client on the remote host contains a boundary error that can be triggered by a long 'boundary' parameter in when processing emails with multipart MIME data. If an attacker can trick the Ipswitch Mail Server administrator to open a specially-crafted email using the affected application, he can leverage this issue to execute arbitrary code subject to the user's privileges.

Solution

Upgrade to version 2006.23 or higher.