Check Point Advisories

Preemptive Protection against Alt-N MDaemon IMAP Server FETCH Command Buffer Overflow Vulnerability

Check Point Reference: CPAI-2008-046
Date Published: 24 Mar 2008
Severity: Medium
Last Updated: Sunday 03 August, 2008
Source: Secunia Advisory: SA29382
Industry Reference:CVE-2008-1358
Protection Provided by:
Who is Vulnerable? Alt-N Technologies MDaemon 9.6.4
Vulnerability Description A buffer overflow vulnerability has been reported in the Alt-N MDaemon IMAP Server. The MDaemon IMAP server is a server side implementation of the IMAP protocol. Internet Message Access Protocol (IMAP) is a standard protocol for accessing e-mail from a local server that provides management of received messages on a remote server. A remote attacker can exploit this issue to trigger a buffer overflow which may lead to an application crash and to arbitrary code execution.
Update/Patch AvaliableUpdate to version 9.6.5:
Alt-N Technologies
Vulnerability DetailsThe flaw exists in way the IMAP service of the MDaemon handles IMAP requests. The vulnerability is due to a boundary error when the server is processing FETCH commands. A remote attacker can exploit this flaw via an overly long FETCH request. Successful exploitation may allow an attacker to create a denial of service condition or execute arbitrary code on an affected server.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK