| VID |
18044 |
| Severity |
40 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
The ISMail SMTP server is vulnerable to a buffer overflow attack via a long MAIL FROM parameter.ISMail is a powerful yet easy to use mail server for Windows. There exists a buffer overrun vulnerability in the SMTP service offered by ISMAIL. By supplying long Domain name values in either the MAIL FROM: or RCPT TO: values, an attacker can overwrite the saved return address on the stack. As ISMAIL runs as a LOCAL SYSTEM account, any arbitrary code executed on the server being passed by an attacker will run with system privileges.
* References:
http://www.securityfocus.com/archive/1/313363
http://www.nextgenss.com/advisories/ismailbo.txt
* Platforms Affected:
ISMAIL version 1.4.3 or below |
| Recommendation |
Upgrade to the latest version (v1.4.5 or later) of ISMAIL, available from the ISMAIL download site, http://instantservers.com/download/ |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
