LDAP: Imail Buffer Overflow1

This signature detects attempts to exploit a known vulnerability in the Imail LDAP service. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length.

Affected Products

Ipswitch imail

References

CVE: CVE-2004-0297

Short Name
LDAP:IMAIL-BOF-1
Severity
Major
Recommended
True
Recommended Action
Drop
Category
LDAP
Keywords
Buffer CVE-2004-0297 Imail Overflow1
Release Date
02/09/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
Port
TCP/389
False Positive
Unknown
Vendors

Ipswitch

CVSS Score

10.0

Found a potential security threat?