CVE-2007-2795

Related Files

IPSwitch IMAP Server 9.20 Overflow

Posted Sep 15, 2009

Authored by Dominic Chell

IPSwitch IMAP Server version 9.20 and below remote buffer overflow exploit.

tags | exploit, remote, overflow, imap

advisories | CVE-2007-2795

SHA-256 | c6aa0faefb20ce7196a8c749c9dc1b089bd8b0fac46149e8070c03dbb5c15cae

Download | Favorite | View

Zero Day Initiative Advisory 07-043

Posted Jul 25, 2007

Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.

tags | advisory, overflow, arbitrary, tcp, imap

advisories | CVE-2007-2795

SHA-256 | 8279df9e3f6628e382b2c7a5a6be9506ada270ff36959ade2e745ffecec11bc0

Download | Favorite | View

Zero Day Initiative Advisory 07-042

Posted Jul 25, 2007

Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition.

tags | advisory, arbitrary

advisories | CVE-2007-2795

SHA-256 | 593b634096faa8f05ad818060f65a33e6146a050e4d9a804b7f9cba05849a6d2

Download | Favorite | View