Hmmmm... We were not able to duplicate the buffer overflow. The information reported in the message is not valid nor is the exploit. By the way, it says it works ok in .9 and 1.1 (or something like that, I don't have the message now). This makes this incorrect as they all travel through the exact same logic.
It appears that this information is just to get you to run the fake patch. John CTO, Ipswitch In reply to 28 Jul message from [EMAIL PROTECTED]: >There appears to be a definite buffer overflow problem with the HTTP >1.0 protocol that must be corrected. Since the exploit itself could >be a trojan, I haven't had time to instrument and fully run it in the >lab except to note that the success of the exploit may depend on the >script kiddie's local address and port. It can potentially be >modified for other addresses. > I probably won't have time to get to the patch ...agreed, it must >be considered a trojan itself and this exploit would be better >blocked upstream by the firewall. >----- Original Message ----- >From: "John A Junod" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Sunday, July 28, 2002 8:05 AM >Subject: Re: [IMail Forum] IPSwitch IMail ADVISORY/EXPLOIT/PATCH >> I can't guarantee that this is not true, but our testing group >> did look into it and can't duplicate the error. It appears >> instead that this is simply a trick to get you to run the >> suggested patch. Please don't do that as it did not come from >> Ipswitch. We are still trying to determine exactly what the >> patch will really do to you. >Please visit http://www.ipswitch.com/support/mailing-lists.html to be >removed from this list. >An Archive of this list is available at: >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ >Please visit the Knowledge Base for answers to frequently asked >questions: http://www.ipswitch.com/support/IMail/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
