Reported May 20, 2002, by Foundstone Labs.
· Ipswitch’s IMail Server 7.1 and earlier versions
A buffer overflow condition exists in the Lightweight Directory Access Protocol (LDAP) component of Ipswitch's IMail Server, which can result in a Denial of Service (DoS) attack. An attacker can exploit this vulnerability to remotely execute arbitrary code by using the privileges of the IMail daemon, which typically has the default of SYSTEM.
Discovered by Foundstone Labs.