Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
BID:9682
Info
Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
| Bugtraq ID: | 9682 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 17 2004 12:00AM |
| Updated: | Feb 17 2004 12:00AM |
| Credit: | Discovery of this vulnerability has been credited to iDefense Labs. |
| Vulnerable: |
Ipswitch IMail 8.0.5 Ipswitch IMail 8.0.3 |
| Not Vulnerable: | |
Discussion
Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
The Ipswitch LDAP daemon has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists due to a lack of sufficient boundary checks performed on user supplied LDAP tags. When attacker-supplied data containing large LDAP tags is processed by the affected service, a stack based buffer overflow condition will be triggered. A remote attacker may exploit this condition to execute arbitrary instructions in the security context of the affected service.
The Ipswitch LDAP daemon has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists due to a lack of sufficient boundary checks performed on user supplied LDAP tags. When attacker-supplied data containing large LDAP tags is processed by the affected service, a stack based buffer overflow condition will be triggered. A remote attacker may exploit this condition to execute arbitrary instructions in the security context of the affected service.
Exploit / POC
Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
An exploit has been released as part of the MetaSploit Framework 2.0.
The following exploit has been provided:
An exploit has been released as part of the MetaSploit Framework 2.0.
The following exploit has been provided:
Solution / Fix
Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
Solution:
The vendor has released a fix to address this issue:
Ipswitch IMail 8.0.5
Solution:
The vendor has released a fix to address this issue:
Ipswitch IMail 8.0.5
-
Ipswitch im805HF2.exe
ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/im805HF2.exe
References
Ipswitch IMail Server Remote LDAP Daemon Buffer Overflow Vulnerability
References:
References:
- IMail Home Page (Ipswitch)
- iDEFENSE Security Advisory 02.17.04: Ipswitch IMail LDAP Daemon Remote Buffer Ov ("iDefense Labs"