|
Family: Misc. --> Category: infos
IPSwitch IMail SMTP Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary IPSwitch IMail SMTP Buffer Overflow
Detailed Explanation for this Vulnerability Test
A vulnerability exists within IMail that
allows remote attackers to gain SYSTEM level
access to servers running IMail's SMTP
daemon (versions 6.06 and below). The
vulnerability stems from the IMail SMTP daemon
not doing proper bounds checking on various input
data that gets passed to the IMail Mailing List
handler code. If a possible hacker crafts a special
buffer and sends it to a remote IMail SMTP server
it is possible that a possible hacker can remotely execute
code (commands) on the IMail system.
Solution:
Download the latest patch from
http://ipswitch.com/support/IMail/patch-upgrades.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|