Family: Gain root remotely --> Category: destructive_attack
FTGate IMAP Server Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary : Checks for a buffer overflow vulnerability in the FTGate IMAP server
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote IMAP server is prone to a buffer overflow.
Description :
The remote host appears to be running a version of FTGate, a
commercial groupware mail server for Windows from FTGate Technology
Ltd.
The version of FTGate installed on the remote host includes an IMAP
server that is prone to a buffer overflow vulnerability due to
boundary errors in its handling of various IMAP commands. An
authenticated attacker can exploit this issue to crash the application
and possibly execute arbitrary code with the privileges of the SYSTEM
user.
See also :
http://www.securityfocus.com/archive/1/416876/30/0/threaded
http://members.ftgate.com/f4/topic.asp?TOPIC_ID=7298
Solution :
Upgrade to FTGate 4.4.002 or later.
Threat Level:
Critical / CVSS Base Score : 10.0
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N)