Added: 03/15/2006
CVE: CVE-2005-3526
BID: 17063
OSVDB: 23796
IMail is a mail server for Windows including SMTP, IMAP, and LDAP services.
A buffer overflow vulnerability in IMail allows remote authenticated attackers to execute arbitrary commands by sending a specially crafted **FETCH**
command to the IMAP service.
Upgrade to IMail 2006.03 or higher.
<http://secunia.com/advisories/19168/>
Exploit works on IMail Server 2006(02a). At least one message must exist in the user’s inbox in order for the exploit to succeed.
Windows 2000
Windows XP