CVE-2007-3927

Ipswitch IMail Server < 2006.21 - Buffer Overflow in Imailsec

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3927. PoCs published by ZhenHan.Liu.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Imail 2006 (9.10) via the SUBSCRIBE IMAP command. It delivers a reverse shell payload (win32_bind) on port 22, achieving remote code execution.

Description

Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 (1) allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and (2) allow attackers to have an unknown impact via an unspecified vector related to "subscribe."

Exploits (1)

exploitdb WORKING POC VERIFIED

by ZhenHan.Liu · perlremotewindows

https://www.exploit-db.com/exploits/4228

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Imail 2006 (9.10) via the SUBSCRIBE IMAP command. It delivers a reverse shell payload (win32_bind) on port 22, achieving remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Imail 2006 (9.10), imap4d32.exe (6.8.8.1)

Auth required

Prerequisites: Valid IMAP credentials · Network access to IMAP port (143)

MITRE ATT&CK