Ipswitch IMail Server邮件列表imailsrv.exe栈溢出漏洞

BUGTRAQ ID: 41719 Ipswitch IMail Server是Ipswitch协作组件中捆绑的一个邮件服务器。 imailsrv.exe进程用于处理发送给imailsrv的消息。如果消息标题中包含有“?Q?”运算符，则该序列之后的字符串未经长度检查便被拷贝到了本地栈缓冲区，导致执行任意代码。 如果要到达这个代码路径，邮件列表必须受口令保护（需认证情况），或之前已经配置了口令（无需认证情况）。 Ipswitch IMail 11.01 厂商补丁： Ipswitch -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Ipswitch Imail Server Mailing List Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IPSwitch IMail. Authentication might be required to exploit this vulnerability. The specific flaw exists within imailsrv.exe which is invoked to handle messages sent to the imailsrv. When a message...

Ipswitch Imail Server List Mailer Reply-To Address Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IPSwitch IMail List Mailer. Authentication is not required to exploit this vulnerability. The specific flaw exists within imailsrv.exe which is invoked to handle messages sent to the imailsrv. When...