Ipswitch IMail Server 5.x/6.x DoS Vulnerability

Due to the implementation of IMail's authentication scheme, the server could be remotely forced to stop responding to login requests. If the client fails to terminate the connection, IMail will not be able to authenticate any other users due to the fact that it can only authorize one user at a time.

Once the client times out the connection, IMail will regain normal functionality. Otherwise the service will have to be restarted.


 

Privacy Statement
Copyright 2010, SecurityFocus