| VID |
22307 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Ipswitch IMail Server, according to its banner, has a 'DELETE' command Buffer Overflow Vulnerability.
Ipswitch IMail Server is a Web-based mail server for Microsoft Windows operating systems. Ipswitch IMail Server version 8.13 and prior versions are vulnerable to a buffer overflow vulnerability, caused by a failure of the application to properly check bounds of user-supplied input in the 'DELETE' command. A remote attacker could exploit this vulnerability to execute arbitrary code on the target system.
* Note: This check solely relied on the banner of Web server to assess this vulnerability, so this might be a false positive.
* References:
http://archives.neohapsis.com/archives/bugtraq/2004-11/0182.html
* Platforms Affected:
Ipswitch, Inc., IMail Server 8.13 and earlier
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version(8.14 or later) of IMail from:
http://www.imailserver.com/products/imail-server/ |
| Related URL |
CVE-2004-1520 (CVE) |
| Related URL |
11675 (SecurityFocus) |
| Related URL |
18058 (ISS) |
|
