Added: 06/01/2006
CVE: CVE-2004-1520
BID: 11675
OSVDB: 11838
IMail is an e-mail server for Windows platforms.
A buffer overflow in the IMAP service could allow remote attackers to execute commands by sending a long, specially crafted **DELETE**
command. The attacker would need to know a valid e-mail login and password on the server in order to exploit this vulnerability.
Apply IMail Server 8.14 Hotfix 1.
<http://secunia.com/advisories/13200>
Exploit works on IMail 8.13. A valid e-mail login and password are required in order to exploit the vulnerability.
Windows 2000
Windows XP
Windows XP SP1