|
|||
Rule General Information |
---|
Release Date: | 2017-08-22 | |
Rule Name: | IMAP SUBSCRIBE Command Buffer Overflow Vulnerability (CVE-2004-1211) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon. | |
Impact: | Remote code execution | |
Affected OS: | Windows, Solaris, Other Unix, FreeBSD, Linux | |
Reference: | SecurityFocusBID:23050 ExploitDB:3537 http://www.immunitysec.com/partners-index.shtml http://www.vupen.com/english/advisories/2007/1092 |
|
Solutions |
---|
Update vendor's patch. |