Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11775
HistoryMar 10, 2006 - 12:00 a.m.

[SA19168] Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability

2006-03-1000:00:00
vulners.com
14
JSON

TITLE:
Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability

SECUNIA ADVISORY ID:
SA19168

VERIFY ADVISORY:
http://secunia.com/advisories/19168/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
>From remote

SOFTWARE:
IMail Secure Server 2006
http://secunia.com/product/8651/
IMail Server 2006
http://secunia.com/product/8653/
Ipswitch Collaboration Suite 2006
http://secunia.com/product/8652/

DESCRIPTION:
A vulnerability has been reported in Ipswitch IMail
Server/Collaboration Suite, which can be exploited by malicious users
to cause a DoS (Denial of Service).

The vulnerability is caused due to a boundary error within the
handling of the IMAP FETCH command. This can be exploited to cause a
buffer overflow, which crashes the server.

The vulnerability has been reported in the following versions:

  • Ipswitch Collaboration Suite 2006 Premium Edition
  • Ipswitch Collaboration Suite 2006 Standard Edition
  • IMail Secure Server 2006
  • IMail Server 2006

SOLUTION:
Update to version 2006.03.

Ipswitch Collaboration Suite 2006 Premium Edition:
ftp://ftp.ipswitch.com/Ipswitch/Product_Support/ICS/ics-premium200603.exe

Ipswitch Collaboration Suite 2006 Standard Edition:
ftp://ftp.ipswitch.com/Ipswitch/Product_Support/ICS/ics-standard200603.exe

IMail Secure Server 2006:
ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imailsecure200603.exe

IMail Server 2006:
ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imail200603.exe

PROVIDED AND/OR DISCOVERED BY:
The vendor credits 3Com's Zero Day Initiative.

ORIGINAL ADVISORY:
http://www.ipswitch.com/support/ics/updates/ics200603prem.asp
http://www.ipswitch.com/support/ics/updates/ics200603stan.asp
http://www.ipswitch.com/support/imail/releases/imsec200603.asp
http://www.ipswitch.com/support/imail/releases/im200603.asp

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

JSON