[VIM] MOAUB #15 - Ipswitch Imail Server List Mailer Reply-To Address Memory Corruption
rkeith at securityfocus.com
Thu Sep 16 12:11:36 CDT 2010
This is an interesting one and you may be correct. Doesn't help that ZDI doesn't disclose a source or any significant details.
We'll err on the safe side and create a second BID for this issue.
George A. Theall wrote:
> Abyssec published an advisory today concerning a memory corruption issue
> in Ipswitch Imail that's triggered with multiple long Reply-To headers:
> I see that SecurityFocus has added this as an additional PoC in BID
> 41717, suggesting it's the same as the issue covered by ZDI-10-126.
> While the advisories are very similar, I think there are really two
> distinct issues at play here. That is, ZDI claims the issue has been
> addressed by iMail 11.02 while Abyssec lists versions 11.01 and 11.02 as
> affected. And more significantly, Ipswitch themselves have responded
> already to Abyssec's advisory with a patch:
> Thoughts? Rob?
More information about the VIM