Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:3E21A071B66E8A04574166D9F5116C55
HistorySep 29, 2006 - 12:00 a.m.

IMail SMTP RCPT TO buffer overflow

2006-09-2900:00:00
SAINT Corporation
www.saintcorporation.com
11

EPSS

0.961

Percentile

99.5%

JSON

Added: 09/29/2006
CVE: CVE-2006-4379
BID: 19885
OSVDB: 28576

Background

IMail is an e-mail server for Windows platforms.

Problem

A buffer overflow vulnerability in the SMTP daemon allows remote command execution by sending a **RCPT TO** argument containing a long string between **@** and **:** characters.

Resolution

Upgrade to IMail 2006.1 or higher.

References

<http://www.securityfocus.com/archive/1/445521&gt;

Limitations

Exploit works with IMail Server 8.10. Exploitation requires that the server have a fixed IP address. Due to the nature of the vulnerability, the success of the exploit may depend on the state of the target system.

Platforms

Windows 2000
Windows Server 2003

Related

exploitdb 3
zdi 1
saint 3
cert 1
checkpoint_advisories 1
zdt 1
securityvulns 1
cvelist 1
nessus 1
canvas 1
nvd 1
cve 1
exploitdb
exploitdb
Ipswitch IMail Server 8.10-8.12 - RCPT TO Remote Buffer Overflow
2007-02-04 00:00:00
Ipswitch IMail Server 2006 / 8.x - &#039;RCPT&#039; Remote Stack Overflow
2006-10-19 00:00:00
Ipswitch IMail Server 8.10-8.12 - RCPT TO Remote Buffer Overflow (Metasploit)
2007-02-04 00:00:00
zdi
zdi
Ipswitch Collaboration Suite SMTP Server Stack Overflow Vulnerability
2006-09-08 00:00:00
saint
saint
IMail SMTP RCPT TO buffer overflow
2006-09-29 00:00:00
IMail SMTP RCPT TO buffer overflow
2006-09-29 00:00:00
IMail SMTP RCPT TO buffer overflow
2006-09-29 00:00:00
cert
cert
The Ipswitch IMail Server is vulnerable to a buffer overflow
2006-12-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Ipswitch IMail Server SMTP Service Buffer Overflow (CVE-2006-4379)
2009-11-25 00:00:00
zdt
zdt
Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta)
2007-02-04 00:00:00
securityvulns
securityvulns
ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow
2006-09-08 00:00:00
cvelist
cvelist
CVE-2006-4379
2006-09-08 21:00:00
nessus
nessus
Ipswitch IMail Server SMTP Service Crafted RCPT String Remote Overflow
2006-09-08 00:00:00
canvas
canvas
Immunity Canvas: IMAIL_RCPTOVERFLOW
2006-09-08 21:04:00
nvd
nvd
CVE-2006-4379
2006-09-08 21:04:00
cve
cve
CVE-2006-4379
2006-09-08 21:04:00

EPSS

0.961

Percentile

99.5%

JSON
Related for SAINT:3E21A071B66E8A04574166D9F5116C55
exploitdb3zdi1saint3cert1checkpoint_advisories1zdt1securityvulns1cvelist1nessus1canvas1nvd1cve1