CVE-2007-5466

Name of the Vulnerable Software and Affected Versions: eXtremail versions 2.1.1 and earlier

Description: The issue involves multiple buffer overflows that can be exploited by remote attackers. This can be achieved by sending multiple long strings to the IMAP port (143/tcp), which may have an unknown impact. Additionally, attackers can execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function, or via a long LOGIN command to the admin interface port (4501/tcp). Another method of exploitation is through a long string in an IMAP AUTHENTICATE LOGIN action, involving the ifProcImapAuth1 function.

Recommendations: For eXtremail versions 2.1.1 and earlier, update to a version later than 2.1.1 to resolve the issue. As a temporary workaround, consider restricting access to the IMAP port (143/tcp) and the admin interface port (4501/tcp) until a patch is available. Avoid using the ifParseAuthPlain and ifProcImapAuth1 functions in the IMAP AUTHENTICATE PLAIN and AUTHENTICATE LOGIN actions, respectively, until the issue is resolved.