IMail IMAP DELETE command buffer overflow
Added: 06/01/2006CVE: CVE-2004-1520
BID: 11675
OSVDB: 11838
Background
IMail is an e-mail server for Windows platforms.Problem
A buffer overflow in the IMAP service could allow remote attackers to execute commands by sending a long, specially crafted DELETE command. The attacker would need to know a valid e-mail login and password on the server in order to exploit this vulnerability.Resolution
Apply IMail Server 8.14 Hotfix 1.References
http://secunia.com/advisories/13200Limitations
Exploit works on IMail 8.13. A valid e-mail login and password are required in order to exploit the vulnerability.Platforms
Windows 2000Windows XP
Windows XP SP1
Back to exploit index
