Info

Disclosure

Feb 17, 2004

Discovery

Oct 31, 2003

Dates

Exploit

Feb 17, 2004

Solution

Unknown

Description

Ipswitch IMail contains a flaw that allows a remote attacker execute arbitrary code or cause a denial of service. The issue is due to the Lightweight Directory Access Protocol (LDAP) daemon not properly sanitizing input of LDAP messages. If an attacker supplies such a message with an overly large tag, they may be able to crash the service or execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified

Solution

Upgrade to version 8.05 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Ipswitch, Inc.

IMail Server

8.03

References

Secunia Advisory ID: 10880
ISS X-Force ID: 15243
Milw0rm: 157
Exploit Database: 157
CVE ID: 2004-0297 (see also: NVD)
Metasploit ID: 3984
Bugtraq ID: 9682
CERT VU: 972334
Generic Exploit URL: http://packetstormsecurity.nl/0402-exploits/ldaped.c
http://www.saintcorporation.com/cgi-bin/exploit_info/imail_ldap
Other Advisory URL: http://www.idefense.com/application/poi/display?id=74&type=vulnerabilities
http://www.securiteam.com/exploits/5CP0M0KC0K.html
Vendor Specific Solution URL: http://www.ipswitch.com/support/imail/releases/imail_professional/im805HF2.html
Keyword: iLDAP.exe 3.9.15.10

Credit

iDefense - iDefense

Direct URL: http://osvdb.org/3984