Family: Gain root remotely --> Category: mixed
Ipswitch Collaboration Suite / IMail SMTPD Format String Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for format string vulnerability in Ipswitch Collaboration Suite / IMail SMTPD
Detailed Explanation for this Vulnerability Test
The remote SMTP server is affected by a format string vulnerability.
The remote host is running Ipswitch Collaboration Suite or IMail
Server, commercial messaging and collaboration suites for Windows.
The version of Ipswitch Collaboration Suite / IMail server installed
on the remote host contains an SMTP server that suffers from a format
string flaw. By supplying a specially formatted argument to the
'EXPN', 'MAIL', 'MAIL FROM', or 'RCPT TO' commands, a remote attacker
may be able to corrupt memory on the affected host, crash the service,
or even execute arbitrary code remotely.
See also :
Upgrade to Ipswitch Collaboration Suite 2.02 / IMail 8.22 or later.
High / CVSS Base Score : 7.0
Click HERE for more information and discussions on this network vulnerability scan.