IMail vulnerabilities
CVE 2001-0039
Impact
A remote attacker could execute arbitrary commands with
SYSTEM privileges or cause IMail to stop
responding, thus shutting down e-mail service.
Note: The red stoplight on this page indicates the
highest possible severity level for this category of
vulnerabilities. The severity level for this instance is
indicated by the colored dot beside the link to this
tutorial on the previous page.
Background
IMail
is an e-mail package which runs on Windows systems. It provides
SMTP, IMAP, and POP
services.
The Problem
Due to a buffer overflow condition in the handling of
mailing lists, it is possible to execute arbitrary commands
by sending a message with a long, specially-crafted
string in the header to a valid mailing list on the server.
IMail version 6.06 and earlier are affected by this
vulnerability if unpatched.
CVE 2001-0039
A second vulnerability could allow an attacker
to crash the IMail server by supplying a
password between 80 and 136 characters in length with
the SMTP AUTH command. The server will
respond to a string greater than 136 characters long
with an error message, but that does not cause the server
to crash.
IMail 6.05 and possibly earlier versions are affected
by this vulnerability unless the patch for IMail 6.05
has been applied.
Resolution
Upgrade to
IMail 6.07 when it becomes available.
If IMail 6.07 is not available, upgrade to
IMail 6.06
and install the IMailSrv patch.
Where can I read more about this?
The buffer overflow in the handling of mailing lists was reported in
eEye advisory AD20010424.
The denial-of-service vulnerability was posted to
Bugtraq.