|
|
#1
May 21st, 2002, 04:27 PM
|
||||
|
||||
Buffer Overflow in Ipswitch Imail
Help Net Security have announced -at
http://www.net-security.org/vuln.php?id=1695- that the popular Imail mail server is affected by a security problem that could allow remote access to the server with system account privileges. The vulnerability affects Imail versions 7.1 and earlier and stems from a buffer overflow in the Ipswitch Imail LDAP component. The problem arises on authentication in the server, as an attacker could provide an overly long string to the "bind DN" parameter causing a buffer overflow and interrupting the Imail service. If the attacker had carefully crafted the parameter, they could also run code on the server. To fix this vulnerability, Ipswitch *have made a patch available at the following address: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM710HF1.exe
__________________
"When fascism comes to America it will come wrapped in the flag and carrying a cross." Sinclair Lewis |
|
#2
May 21st, 2002, 08:40 PM
|
||||
|
||||
|
Re: Buffer Overflow in Ipswitch Imail
I hate Imail, I was once a postmaster for an internet company that used imail. What a peice of junk. I am not surprised.
hmmm, pretty objective opinion for a mod eh?
__________________
Not every thing that can be counted counts, and not everything that counts can be counted. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
