header-logo
Suggest Exploit
vendor:
IMail Server
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: IMail Server
Affected Version From: 8.11 and earlier
Affected Version To: 8.11 and earlier
Patch Exists: YES
Related CWE: N/A
CPE: //a:ipswitch:imail_server
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
1999

IMail’s whois server buffer overflow

IMail's whois server can be crashed due to an unchecked buffer. An attacker can send a string of 1000 characters to port 43 of the target machine to exploit this vulnerability.

Mitigation:

Upgrade to IMail version 8.12 or later
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/506/info

IMail's whois server can be crashed due to an unchecked buffer. 

Telnet to target machine, port 43

Send glob1

Where glob1 is 1000 characters.

Navigation

Suggest Exploit

Services By CQR