Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ipswitch IMail服务器多个缓冲区溢出漏洞
Vulnerability Description
Ipswitch IMail Server是美国Ipswitch公司的一款运行于Microsoft Windows操作系统中的邮件服务器。 IMail捆绑了一个IMAP守护程序(imapd32.exe)允许用户访问邮件。如果向这个守护程序发送了Search或Search charset IMAP命令的话,就可以分别触发栈溢出和堆溢出漏洞;如果向守护程序发送超长SUBSCRIBE IMAP命令的话,就可以触发栈溢出,导致执行任意代码。 IMailsec.dll组件在试图认证用户时使用lstrcpyA()函数
CVSS Information
N/A
Vulnerability Type
N/A