[VIM] MOAUB #15 - Ipswitch Imail Server List Mailer Reply-To Address Memory Corruption
rkeith
rkeith at securityfocus.com
Thu Sep 16 12:11:36 CDT 2010
Hey George,
This is an interesting one and you may be correct. Doesn't help that ZDI doesn't disclose a source or any significant details.
We'll err on the safe side and create a second BID for this issue.
Thanks,
Rob
George A. Theall wrote:
> Abyssec published an advisory today concerning a memory corruption issue
> in Ipswitch Imail that's triggered with multiple long Reply-To headers:
>
>
> http://www.exploit-db.com/moaub-15-ipswitch-imail-server-list-mailer-reply-to-address-memory-corruption/
>
>
> I see that SecurityFocus has added this as an additional PoC in BID
> 41717, suggesting it's the same as the issue covered by ZDI-10-126.
> While the advisories are very similar, I think there are really two
> distinct issues at play here. That is, ZDI claims the issue has been
> addressed by iMail 11.02 while Abyssec lists versions 11.01 and 11.02 as
> affected. And more significantly, Ipswitch themselves have responded
> already to Abyssec's advisory with a patch:
>
>
> http://kb.imailserver.com/cgi-bin/imail.cfg/php/enduser/std_adp.php?p_faqid=1197
>
>
> Thoughts? Rob?
>
> George
--
Rob Keith
Symantec