Hi all, There are a couple of vulnerabilities in Ipswitch IMail Server 7.04.

*** In the POP3 Server ***

If you enter a valid username the reply is:

+OK welcome

On the other hand, if you enter a username that doesn't exist on the server the reply is:

+OK send your password

This gives you a way to probe for existing accounts on the server.

*** In the Web Messaging Server ***

Log in on one account in the Web Messaging Server and select Change User Information. Save the HTML page on disk and change the value of the hidden INPUT tag called "olduser" to the name of another account. You also have to change the ACTION value of the FORM tag so it points to the server, and it must also contain the random string that you find in the URL to the ordinary page. Then load this changed page into the browser, fill in some new user information and click on the Save button. This way you can change the user information for any other user.

*** Vendor response ***

Ipswitch have created a patch that among other things fixes these two vulnerabilities. You can find it at:

http://www.ipswitch.com/support/IMail/patch-upgrades.html

*** Other information ***

This advisory can also be found at:

http://ntsecurity.nu/advisories/a16.shtml

--
Regards,

Terrence Koeman
Technical Director/Administrator
MediaMonks B.V. (www.mediamonks.nl)

Please quote all replies in correspondence.

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Panda
> Consulting S.A - Luis Alberto Arango
> Sent: Friday, October 12, 2001 08:01
> To: [EMAIL PROTECTED]
> Subject: [IMail Forum] Problems installing 7.04 Hotfix/Ipswitch link is
> incorrect
>
> Hi there, just to let you know that
>
> When I tried to install the new hotfix I got an application error. The
> application Exception was an access violation. (I run NT4)
>
> After getting the error, I tried to install the Hot Fix in a backup server I
> have for tests and development and I also got the same exception error.
>
> If you want to get direct access to the Hot Fix, try this link
> ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM704HF1.exe
>
> BE AWARE: Ipswitch has the wrong link redirection. The link says
> IM704HF1.exe and by the time I checked (Friday Oct 12, 12:30 am) it actually
> pointed to Imail04.exe (the last upgrade server)... so if you believed you
> downloaded the fix... you didn't.
>
> Hey, if you have the time, please tell me how it goes for you installing the
> Hot Fix (make sure it is the correct file, the IM704HF1.exe).
>
> Anybody else getting the errors?
>
> FYI:
> Here is some info from my event viewer when I got the error
>
> Luis Arango
>
> ----- Original Message -----
> From: "Gordon Holtslander" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, October 11, 2001 10:46 PM
> Subject: [IMail Forum] MAPISP32.exe has generated errors
>
> > At unpredictable intervals I will get this Program Error in Outlook.
> > "MAPISP32.exe has generated errors and will be closed by Windows. You will
> > need to restart the program." I turn off Outlook and back on and it will
> > work until it tries to get a "bad" message from the server.
> > I've been able to work around this problem by moving the main.* files into
> > a sub directory of the user's directory and then using the web interface to
> > the user's account move the files back a few at a time until I can isolate
> > the "bad" email, delete it and then everything works fine.
> >
> > This is pretty labour intensive. Is there any way I can avoid this problem
> > altogether? Or if it can't be avoided is there a different way to deal
> > with it?
> >
> > Gord
> >
> > The Lung Association
> >
> > Please visit http://www.ipswitch.com/support/mailing-lists.html
> > to be removed from this list.
> >
> > An Archive of this list is available at:
> > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
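
Added example, not part of the original message or of IMail's code: a minimal model of the Web Messaging flaw described in the advisory above, showing a handler that trusts the hidden "olduser" field next to one that takes the account from the server-side session. The session table, function names and profile data are hypothetical and constructed for illustration.

```python
# Constructed model of a "Change User Information" handler. All names and
# data here are hypothetical; none of it is taken from IMail.
SESSIONS = {"k3x9q": "alice"}  # random URL string -> authenticated account


def new_profiles():
    return {"alice": {"fullname": "Alice"}, "bob": {"fullname": "Bob"}}


def save_vulnerable(profiles, token, form):
    """Behaviour the advisory describes: the account to modify is read from
    the client-controlled hidden field "olduser"."""
    if token not in SESSIONS:
        return "403 no session"
    profiles[form["olduser"]]["fullname"] = form["fullname"]
    return "200 saved"


def save_hardened(profiles, token, form):
    """The account to modify comes only from the server-side session. A
    hidden field that disagrees with it is rejected as tampering."""
    user = SESSIONS.get(token)
    if user is None:
        return "403 no session"
    if form.get("olduser", user) != user:
        return "403 olduser does not match session"  # worth logging
    profiles[user]["fullname"] = form["fullname"]
    return "200 saved"


def demo():
    tampered = {"olduser": "bob", "fullname": "changed"}     # edited saved page
    honest = {"olduser": "alice", "fullname": "Alice A."}    # unmodified page
    p_vuln, p_hard = new_profiles(), new_profiles()
    r_vuln = save_vulnerable(p_vuln, "k3x9q", tampered)
    r_hard = save_hardened(p_hard, "k3x9q", tampered)
    r_ok = save_hardened(p_hard, "k3x9q", honest)
    return (r_vuln, p_vuln["bob"]["fullname"],
            r_hard, p_hard["bob"]["fullname"],
            r_ok, p_hard["alice"]["fullname"])


if __name__ == "__main__":
    print(demo())
```

The random string in the URL identifies a session but says nothing about which account a request may modify, so the hardened handler binds the write to the session's own account.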
