|
HF2 for 7.07 addresses this as well.
Eric S
----- Original Message -----
Sent: Friday, May 24, 2002 1:03 PM
Subject: [IMail Forum] FYI
Security Alert, May 24, 2002
* BUFFER OVERFLOW IN IPSWITCH'S
IMAIL SERVER
Foundstone Labs discovered that a buffer overflow condition
exists
in the Lightweight Directory Access Protocol (LDAP) component of
Ipswitch's IMail Server, which can result in a Denial of Service (DoS)
attack. An attacker can exploit this vulnerability to remotely execute
arbitrary code by using the privileges of the IMail daemon, which
typically has the default of SYSTEM. Ipswitch has released Hotfix 1
for IMail Server 7.10, which addresses this vulnerability. Users who
have earlier versions of IMail Server will need to upgrade to version
7.10.
http://www.secadministrator.com/articles/index.cfm?articleID=25294
Just
FYI for
everyone.
Cheers
Mark
Orillia ProNet
22A Colborne Street West
Orillia, Ontario,
L3V 2Y3, Canada
705-329-3949
www.orilliapronet.com
[EMAIL PROTECTED]
|
