Lucene search
SAINT CorporationSAINT:56E650FEBE42CEFAADFC391280DADEBCHistoryJun 01, 2006 - 12:00 a.m.
IMail IMAP DELETE command buffer overflow
2006-06-0100:00:00
SAINT Corporation
download.saintcorporation.com
8
0.959 High
EPSS
Percentile
99.4%
Added: 06/01/2006
CVE: CVE-2004-1520
BID: 11675
OSVDB: 11838
Background
IMail is an e-mail server for Windows platforms.
Problem
A buffer overflow in the IMAP service could allow remote attackers to execute commands by sending a long, specially crafted **DELETE** command. The attacker would need to know a valid e-mail login and password on the server in order to exploit this vulnerability.
Resolution
Apply IMail Server 8.14 Hotfix 1.
References
<http://secunia.com/advisories/13200>
Limitations
Exploit works on IMail 8.13. A valid e-mail login and password are required in order to exploit the vulnerability.
Platforms
Windows 2000
Windows XP
Windows XP SP1
Related
nessus
nessus
Ipswitch IMail IMAP Service DELETE Command Remote Overflow
2004-11-19 00:00:00
packetstorm
packetstorm
Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
2009-11-26 00:00:00
IMail IMAP4D Delete Overflow
2009-11-26 00:00:00
exploitdb
exploitdb
Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow
2010-06-22 00:00:00
saint
saint
IMail IMAP DELETE command buffer overflow
2006-06-01 00:00:00
IMail IMAP DELETE command buffer overflow
2006-06-01 00:00:00
IMail IMAP DELETE command buffer overflow
2006-06-01 00:00:00
cvelist
cvelist
CVE-2004-1520
2005-02-19 05:00:00
cve
cve
CVE-2004-1520
2004-12-31 05:00:00
checkpoint_advisories
checkpoint_advisories
Ipswitch IMail IMAP Service DELETE Command Buffer Overflow (CVE-2004-1520)
2009-10-12 00:00:00