Detections
Analytics

Ipswitch IMail IMAP EXAMINE Argument Buffer Overflow

high Nessus Plugin ID 17311

Language:

Synopsis

The remote IMAP server is vulnerable to a buffer overflow attack.

Description

The remote host is running a version of the Ipswitch Collaboration Suite / Ipswitch IMail IMAP server that is prone to a buffer overflow when processing an EXAMINE command with a long argument. Specifically, if an authenticated attacker sends an EXAMINE command with a malformed mailbox name of 259 bytes or more, he will overwrite the saved stack frame pointer and potentially gain control of process execution.

Solution

Apply IMail Server 8.15 Hotfix 1 (February 3, 2005).

See Also

http://www.nessus.org/u?29ff4a66

Plugin Details

Severity: High

ID: 17311

File Name: imail_imapd_examine_overflow.nasl

Version: 1.18

Type: remote

Published: 3/11/2005

Updated: 7/12/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: imap/false_imap, imap/overflow

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 3/10/2005

Reference Information

CVE: CVE-2005-0707

BID: 12780