0x04 : Exploit/Proof-of-Concept
#!/usr/bin/python
##########################################################################
# Ipswitch IMail Server - IMAP4 Server (IMail 11.01) Password Decryptor
# Tested on: Windows XP SP3 (Windows version does not matter)
# Description:
# So I reverse engineered the IMail password decryption function in
# IMailsec.dll, located at 0x00563130.
#
======================================================================
Secunia Research 30/10/2007
- IPSwitch IMail Server IMail Client Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
ZDI-10-126: Ipswitch Imail Server List Mailer Reply-To Address Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-126
July 15, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Ipswitch
ZDI-10-128: Ipswitch Imail Server Queuemgr Format String Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-128
July 15, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Ipswitch
ZDI-10-127: Ipswitch Imail Server Mailing List Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-127
July 15, 2010
-- CVSS:
9, (AV:N/AC:L/Au:S/C:C/I:C/A:C)
-- Affected Vendors:
Ipswitch
