CVE-2006-4379

Ipswitch Collaboration Suite, IMail, IMail Plus, and IMail Secure - Stack-Based Buffer Overflow via SMTP Daemon

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2006-4379. PoCs published by Jacopo Cervini, Greg Linares.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in IMail 2006 and 8.x SMTP service via a maliciously crafted RCPT TO command. It leverages a SEH overwrite to achieve remote code execution on vulnerable Windows systems.

Description

Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Jacopo Cervini · remotewindows
https://www.exploit-db.com/exploits/3265

This exploit targets a stack-based buffer overflow in IMail 2006 and 8.x SMTP service via a maliciously crafted RCPT TO command. It leverages a SEH overwrite to achieve remote code execution on vulnerable Windows systems.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: IMail 2006 and 8.x
No auth needed
Prerequisites: Network access to the SMTP service (port 25) · Vulnerable version of IMail
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Jacopo Cervini · perlremotewindows
https://www.exploit-db.com/exploits/3264

This exploit targets a buffer overflow vulnerability in IMail SMTP server (CVE-2006-4379) by sending a maliciously crafted RCPT TO command. It includes shellcode for a bind shell on port 4444 and supports two versions of IMail (8.10 and 8.12).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Ipswitch IMail SMTP Server 8.10, 8.12
No auth needed
Prerequisites: Network access to the SMTP server (port 25) · Target must be running vulnerable IMail version
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Greg Linares · cremotewindows
https://www.exploit-db.com/exploits/2601

This exploit targets a stack overflow vulnerability in IMail 2006 and 8.x SMTP servers via the 'RCPT TO:' command. It includes multiple payloads for different actions such as adding a user, changing the administrator password, or creating a network share.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: IMail 2006 and 8.x prior to 2006.1 update
No auth needed
Prerequisites: Network access to the SMTP service · Target must be running a vulnerable version of IMail
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21795
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/445521/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016804
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19885
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/28789
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016803
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3496

Scores

EPSS 0.6004
EPSS Percentile 99.0%

Details

Status published
Products (4)
ipswitch/imail_plus 2006
ipswitch/imail_secure_server 2006
ipswitch/ipswitch_collaboration_suite 2006_premium
ipswitch/ipswitch_collaboration_suite 2006_standard
Published Sep 08, 2006
Tracked Since Feb 18, 2026