The information on the extent of the issue on ANY version is disclosed in these ways by the entity finding the vulnerability. They are the ones that are testing against versions.
John T eServices For You "Seek, and ye shall find!" > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:Imail_Forum- > [EMAIL PROTECTED] On Behalf Of Jay Sudowski - Handy Networks LLC > Sent: Tuesday, March 14, 2006 10:07 AM > To: [email protected] > Subject: RE: [IMail Forum] Ipswitch Collaboration Suite Code Execution Vulnerability > time to upgrade to .03 if you are running 2006 > > In typical IPSwitch fashion, no information is provided about the extent > of this issue on previous versions of iMail (8.x, 7.x, etc). Are these > versions vulnerable? > > -Jay > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Matti Haack > Sent: Tuesday, March 14, 2006 6:49 AM > To: [email protected] > Subject: [IMail Forum] Ipswitch Collaboration Suite Code Execution > Vulnerability time to upgrade to .03 if you are running 2006 > > "Vulnerability Details: > > This vulnerability allows remote attackers to execute arbitrary code on > vulnerable installations of Ipswitch Collaboration Suite. Authentication > is required to exploit this vulnerability. This specific flaw exists > within the IMAP daemon. A lack of bounds checking during the parsing of > long arguments to the FETCH verb can result in an exploitable buffer > overflow." > http://www.zerodayinitiative.com/advisories/ZDI-06-003.html > > http://www.ipswitch.com/support/ics/updates/ics200603prem.asp > > Greetings > Matti > > > > - > Matti Haack - Hit Haack IT Service Gmbh > Poltlbauer Weg 4, D-94036 Passau > +49 851 50477-22 Fax: +49 851 50477-29 > http://www.haack-it.de > > > > Dieses Dokument ist ausschliesslich fuer den Adressaten bestimmt. > Jegliche Art von Reproduktion, Verbreitung, Vervielfaeltigung, > Modifikation, Verteilung und/oder Publikation dieser E-Mail-Nachricht > ist untersagt, soweit dies nicht ausdruecklich genehmigt wurde. > Jegliche Haftung fur Ansprueche, die aufgrund der Kommunikation per > E-Mail begruendet werden koennten, ist ausgeschlossen, soweit der > Haftungsausschluss gesetzlich zulaessig ist. > > -- Ausgehende E-Mail wurde auf Viren gescannt -- To Unsubscribe: > http://www.ipswitch.com/support/mailing-lists.html > List Archive: > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
