Signature Detail
Short Name |
IMAP:IPSWITCH:STATUS-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
IMAP |
Keywords |
IPSwitch IMAP Server STATUS Overflow |
Release Date |
2005/06/15 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
IMAP: IPSwitch IMAP Server STATUS Overflow
This signature detects attempts to exploit a known vulnerability in Ipswitch IMail IMAP server. The IMail server does not perform sufficient boundary checking when processing a STATUS command. Remote attackers can include a long mailbox name argument within a maliciously crafted STATUS command to overflow a stack buffer and execute arbitrary code with system level privileges.
Extended Description
Ipswitch IMail is prone to multiple remote vulnerabilities. Attackers may exploit these issues to deny service for legitimate users, obtaoin potentially sensitive information, and execute arbitrary code. The vulnerabilities include a directory-traversal issue, two remote denial-of-service issues, and multiple buffer-overflow issues.
Affected Products
- Ipswitch IMail 5.0.0
- Ipswitch IMail 5.0.5
- Ipswitch IMail 5.0.6
- Ipswitch IMail 5.0.7
- Ipswitch IMail 5.0.8
- Ipswitch IMail 6.0.0
- Ipswitch IMail 6.0.1
- Ipswitch IMail 6.0.2
- Ipswitch IMail 6.0.3
- Ipswitch IMail 6.0.4
- Ipswitch IMail 6.0.5
- Ipswitch IMail 6.0.6
- Ipswitch IMail 6.1.0
- Ipswitch IMail 6.2.0
- Ipswitch IMail 6.3.0
- Ipswitch IMail 6.4.0
- Ipswitch IMail 7.0.1
- Ipswitch IMail 7.0.2
- Ipswitch IMail 7.0.3
- Ipswitch IMail 7.0.4
- Ipswitch IMail 7.0.5
- Ipswitch IMail 7.0.6
- Ipswitch IMail 7.0.7
- Ipswitch IMail 7.1.0
- Ipswitch IMail 7.12.0
- Ipswitch IMail 8.0.3
- Ipswitch IMail 8.0.5
- Ipswitch IMail 8.1.0
- Ipswitch IMail 8.13.0
- Ipswitch IMail 8.14.0
- Ipswitch IMail 8.15.0 Hotfix 1
- Ipswitch IMail 8.2.0
References