MailMax vulnerabilities
Created 4/24/03
CVE 2002-1057
Impact
A remote attacker could create a denial of service or
execute arbitrary commands.
Background
MailMax
is a mail server package for Windows. It includes
SMTP, POP3, and
IMAP services.
The Problems
4/24/03
The login process for the MailMax IMAP
service is affected by a buffer overflow condition in the
processing of the password field. A very long password
could cause the program's exception handler
to detect the overflow and terminate the program,
resulting in a denial of service. Furthermore, an even
longer attack which overwrites the exception handler on
the stack could result in execution of arbitrary commands.
MailMax 5 running IMAPMax prior to 5.0.10.8 and possibly
earlier versions are affected by this vulnerability.
CVE 2002-1057
A second vulnerability affects the POP3
service. Insufficient checking of the USER
parameter leads to a buffer overflow condition. A remote
attacker could crash the service or manipulate local
registers, which could lead to command execution.
MailMax 4.8 is affected by this vulnerability.
Resolution
Download MailMax 5.5
or higher, or the latest version of MailMax 5 containing
IMAPMax 5.0.10.8 or higher. Alternatively, if the
IMAP service is not needed, MailMax 5 can
be used safely by shutting off the IMAP
service.
Where can I read more about this?
The IMAP vulnerability was posted to
VulnWatch.
The POP3 vulnerability was posted to
Bugtraq.