Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
BID:18129
CVE-2006-2646 |Info
Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
| Bugtraq ID: | 18129 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 29 2006 12:00AM |
| Updated: | Jun 07 2006 06:52PM |
| Credit: | Discovery is credited to kcope <[email protected]>. |
| Vulnerable: |
Altn MDaemon 8.1.3 Altn MDaemon 8.1.1 Altn MDaemon 8.1 Altn MDaemon 8.0.5 Altn MDaemon 8.0.4 Altn MDaemon 8.0 3 Altn MDaemon 8.0 2 Altn MDaemon 8.0 1 Altn MDaemon 8.0 Altn MDaemon 7.2 Altn MDaemon 6.8.5 Altn MDaemon 6.8.4 Altn MDaemon 6.8.3 Altn MDaemon 6.8.2 Altn MDaemon 6.8.1 Altn MDaemon 6.8 .0 Altn MDaemon 6.7.9 Altn MDaemon 6.7.5 Altn MDaemon 6.5.2 Altn MDaemon 6.5.1 Altn MDaemon 6.5 .0 Altn MDaemon 6.0.7 Altn MDaemon 6.0.6 Altn MDaemon 6.0.5 Altn MDaemon 6.0 .0 Altn MDaemon 5.0.7 Altn MDaemon 3.5.6 Altn MDaemon 3.5.4 Altn MDaemon 3.5.1 Altn MDaemon 3.5 .0 Altn MDaemon 3.1.2 Altn MDaemon 3.1.1 Altn MDaemon 3.1 beta Altn MDaemon 3.0.4 Altn MDaemon 3.0.3 Altn MDaemon 2.71 SP1 Altn MDaemon 2.8.5 0 Altn MDaemon 2.8 |
| Not Vulnerable: | |
Discussion
Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
Alt-N MDaemon IMAP Server is susceptible to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
This issue allows remote, unauthenticated attackers to execute arbitrary machine code in the context of affected servers. This facilitates the complete compromise of affected computers.
Specific information regarding affected versions is not currently available. This BID will be updated as further information is disclosed.
UPDATE: The reporter of this issue states that this issue may not be exploitable. This BID may be retired in the future.
Alt-N MDaemon IMAP Server is susceptible to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
This issue allows remote, unauthenticated attackers to execute arbitrary machine code in the context of affected servers. This facilitates the complete compromise of affected computers.
Specific information regarding affected versions is not currently available. This BID will be updated as further information is disclosed.
UPDATE: The reporter of this issue states that this issue may not be exploitable. This BID may be retired in the future.
Exploit / POC
Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
A sample command line to demonstrate this issue was provided:
a001 "[X]\r\n
where 'X' is 99555 bytes long.
The following proof-of-concept exploit code will also demonstrate this vulnerability:
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
A sample command line to demonstrate this issue was provided:
a001 "[X]\r\n
where 'X' is 99555 bytes long.
The following proof-of-concept exploit code will also demonstrate this vulnerability:
Solution / Fix
Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
References:
References:
- Alt-N Homepage (Alt-N)
- INFIGO IS Security Advisory #INFIGO-2006-08-04 (INFIGO Information Security)