Ipswitch IMail Server IMAP SEARCH buffer overflow
Added: 07/27/2007CVE: CVE-2007-3925
BID: 24962
OSVDB: 36219
Background
IMail is an e-mail server for Windows platforms.Problem
A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command.Resolution
Upgrade to Ipswitch IMail Server version 2006.21.References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=563Limitations
Exploit works on Ipswitch IMail Server 2006.1. A valid IMAP login and password are required.Platforms
Windows 2000Windows Server 2003
Back to exploit index