IMAP: IPSwitch IMAP Server DELETE Overflow
This signature detects attempts to exploit a known vulnerability against IPSwitch IMAP server. Attackers can send an overly long delete command (DELETE), to overflow the buffer and take complete control of the server.
Extended Description
Ipswitch IMail is reported prone to a remote buffer overflow vulnerability. This issue exists due to insufficient boundary checks performed by the application. Exploitation of this issue can allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access. Ipswitch IMail 8.13 is reported prone to this vulnerability. It is possible that other versions are affected as well.
Affected Products
Ipswitch imail
References
BugTraq: 11675
CVE: CVE-2005-1520
URL: http://www.ipswitch.com/Support/ICS/updates/im814hf1.html http://esikker.dk/vul_15771.php
Short Name
IMAP:IPSWITCH:DELETE-OF
Severity
Major
Recommended
False
Recommended Action
None
Category
IMAP
Keywords
CVE-2004-1520 CVE-2005-1520 DELETE IMAP IPSwitch Overflow Server bid:11675
Release Date
11/17/2004
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Ipswitch
CVSS Score
7.5
4.6