IMAP: Ipswitch IMail LOGIN Special Character Buffer Overflow
This signature detects attempts to exploit a known vulnerability against the Ipswitch IMail IMAP server. The IMail Server does not perform sufficient boundary checking when processing the LOGIN command. By sending a specialty crafted LOGIN command with a username argument that is overly long and contains special characters, remote attackers can overflow a stack buffer and execute arbitrary code on a vulnerable host with System level privileges.
Extended Description
Ipswitch IMail is prone to multiple remote vulnerabilities. Attackers may exploit these issues to deny service for legitimate users, obtaoin potentially sensitive information, and execute arbitrary code. The vulnerabilities include a directory-traversal issue, two remote denial-of-service issues, and multiple buffer-overflow issues.
Affected Products
Ipswitch imail
Short Name
IMAP:IPSWITCH:CHAR-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
IMAP
Keywords
Buffer CVE-2005-1255 CVE-2007-3925 CVE-2007-3926 CVE-2007-3927 Character IMail Ipswitch LOGIN Overflow Special bid:13727
Release Date
06/01/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Ipswitch
CVSS Score
6.5
10.0
7.8