Ipswitch IMail SMTP Server IMail Client Remote Buffer Overflow Vulnerability
BID:26252
Info
Ipswitch IMail SMTP Server IMail Client Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 26252 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4345 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 30 2007 12:00AM |
| Updated: | Oct 30 2007 12:00AM |
| Credit: | Secunia Research is credited with the discovery of this issue. |
| Vulnerable: |
Ipswitch IMail Client 9.22 |
| Not Vulnerable: | |
Discussion
Ipswitch IMail SMTP Server IMail Client Remote Buffer Overflow Vulnerability
IMail Client, which is included in Ipswitch IMail Server, is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.
Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
This issue affects IMail Client 9.22, which is included with IMail Server 2006.22; other versions may also be affected.
IMail Client, which is included in Ipswitch IMail Server, is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.
Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
This issue affects IMail Client 9.22, which is included with IMail Server 2006.22; other versions may also be affected.
Exploit / POC
Ipswitch IMail SMTP Server IMail Client Remote Buffer Overflow Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Ipswitch IMail SMTP Server IMail Client Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Ipswitch IMail SMTP Server IMail Client Remote Buffer Overflow Vulnerability
References:
References:
- IMail Server Homepage (Ipswitch)
- Secunia Research: IPSwitch IMail Server IMail Client Buffer Overflow (Secunia Research
) - Secunia Research: IPSwitch IMail Server IMail Client Buffer Overflow (Secunia)