Ipswitch IMail Web Service Buffer Overflow DoS Vulnerability

info
discussion
exploit
solution
references

Ipswitch IMail Web Service Buffer Overflow DoS Vulnerability

Telnet to target machine, port 8383

Send: GET /glob1/
Where glob1 is 3000 characters.

Marc Maiffret <marc@eeye.com> has released the following exploit:

/data/vulnerabilities/exploits/threadcrashimail.zip
/data/vulnerabilities/exploits/