Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
BID:25176
Info
Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 25176 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 02 2007 12:00AM |
| Updated: | Aug 03 2007 12:05AM |
| Credit: | ZhenHan Liu, Ph4nt0m Security Team and Secunia Research are credited with discovering these issues. |
| Vulnerable: |
Ipswitch IMail Server Premium 2006.21 Ipswitch IMail Server Premium 2006.2 Ipswitch Collaboration Suite (ICS) 2006 |
| Not Vulnerable: | |
Discussion
Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
Ipswitch IMail Server and Collaboration Suite (ICS) are prone to multiple buffer-overflow vulnerabilities because these applications fail to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.
Attackers may exploit these issues to execute arbitrary code in the context of the affected applications. Failed exploit attempts will likely result in denial-of-service conditions.
These versions are reported vulnerable to these issues:
Ipswitch Collaboration Suite (ICS) 2006
IMail Premium 2006.2 and 2006.21
Other versions may also be affected.
Ipswitch IMail Server and Collaboration Suite (ICS) are prone to multiple buffer-overflow vulnerabilities because these applications fail to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.
Attackers may exploit these issues to execute arbitrary code in the context of the affected applications. Failed exploit attempts will likely result in denial-of-service conditions.
These versions are reported vulnerable to these issues:
Ipswitch Collaboration Suite (ICS) 2006
IMail Premium 2006.2 and 2006.21
Other versions may also be affected.
Exploit / POC
Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
References:
References:
- IMail Server Homepage (Ipswitch)