In association with heise online

20 July 2007, 09:32

Arbitrary code injection vulnerabilities in Ipswitch IMAP server

The IMAP server by Ipswitch, which is installed together with Collaboration Suite and IMail, contains arbitrary code injection and execution vulnerabilities. New software versions have been provided to fix these bugs.

TippingPoint has reported a hole in the Imailsec component which can be exploited by unauthenticated attackers to execute arbitrary code. Also, specially crafted subscribe commands can cause a buffer overflow. Security service provider iDefense has reported two vulnerabilities in the IMAP server. Authenticated users can cause a buffer overflow using malformed search or search charset commands and thereby inject arbitrary code, which is executed with SYSTEM privileges. The changelog provided by Ipswitch also mentions another hole, which can be exploited by unauthenticated attackers to crash the service.

Ipswitch has released updated software versions to fix these vulnerabilities. Administrators are advised to install these updates as soon as possible or, if an update is not possible, to disable IMAP support and use POP3 or Webmail instead.
