Multiple vulnerabilities have been reported in IMail Server, which can be exploited to gain knowledge of sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.

1) An error in the IMAP4d32 service when parsing LSUB commands can be exploited to consume all available CPU resources by passing a long string of NULL characters.

2) A boundary error in the IMAP4d32 service can be exploited to crash the service via a SELECT command with an overly long mailbox name (about 260 bytes).

3) Boundary errors in the IMAP4D32 service when parsing LOGIN commands can be exploited to cause buffer overflows by passing either an overly long username (about 2,000 bytes) or an overly long username starting with certain special characters.

Successful exploitation allows execution of arbitrary code with SYSTEM privileges.

4) A boundary error in the IMAP4D32 service when parsing STATUS commands can be exploited to cause a stack-based buffer overflow by passing an overly long string as mailbox name to the command.

Successful exploitation allows execution of arbitrary code with SYSTEM privileges.

5) An input validation error in Web Calendaring when handling requests for non-existent JavaScript files can be exploited to read arbitrary files on the system via directory traversal attacks.

The vulnerabilities have been reported in version 8.13. Other versions may also be affected.

Solution
Apply hotfixes.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) Discovered by anonymous person and reported via iDEFENSE.
2) Sebastian Apelt
3) Discovered by:
* Anonymous person and reported via iDEFENSE
* iDEFENSE Labs
4) iDEFENSE Labs
5) Discovered by anonymous person and reported via iDEFENSE.

Changelog
Further details available to Secunia VIM customers

Original Advisory
Ipswitch:
http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html
http://www.ipswitch.com/Support/ICS/updates/ics2hf2.html

iDEFENSE:
http://www.idefense.com/application/poi/display?id=241&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=242&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=245&type=vulnerabilities

Deep Links
Links available to Secunia VIM customers