| VID | 18090 |
| Severity | 40 |
| Port | 143 |
| Protocol | TCP |
| Class | IMAP |
| Detailed Description |
The Ipswitch IMail IMAP server, according to its banner, has a buffer overflow vulnerability in its handling of the EXAMINE command argument. Ipswitch IMail Server is a Web-based mail server for Microsoft Windows operating systems. IMail Server is part of the Ipswitch Collaboration Suite, a communication and collaboration application. The IMAP daemon (IMAP4d32.exe) in Ipswitch Collaboration Suite (ICS) versions before 8.15 Hotfix 1 is vulnerable to a buffer overflow when processing an EXAMINE command with a long argument. If a remote authenticated attacker sends an EXAMINE command with a malformed mailbox name of 259 bytes, the attacker could overflow a buffer and execute arbitrary code on the system with administrator privileges.
* Note: This check relies solely on the banner of the IMAP server to assess this vulnerability, so the result might be a false positive.
* References:
  * http://www.idefense.com/application/poi/display?id=216&type=vulnerabilities
  * http://securitytracker.com/id?1013410
  * http://secunia.com/advisories/14546
* Platforms Affected:
  * Ipswitch, Inc., IMail Server version 8.13 and possibly earlier versions
  * Microsoft Windows, any version |
| Recommendation |
Apply the IMail Server 8.15 Hotfix 1 (dated February 3, 2005), available from the Ipswitch FTP Download site at ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM815HF1.exe
-- OR --
Upgrade to the latest version of IMail Server (greater than 8.15), when a new version that fixes this problem becomes available from the Ipswitch FTP Download site at ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/ |
| Related URL | CVE-2005-0707 (CVE) |
| Related URL | 12780 (SecurityFocus) |
| Related URL | 19655 (ISS) |