IMAP v4 vulnerable

targetit
New user
Posts: 9
Joined: 2010-10-08 11:01

IMAP v4 vulnerable

Post by targetit » 2011-02-25 16:05

Hi,

I'm using hMailServer 5.3.3-B1879 and a recent vulnerability scan is showing an issue with the IMAP server:

The identified version of imap4 service running is subject to a remote vulnerability where it is
possible for an attacker to gain shell access. This can lead to a system compromise.

Is anyone aware of this version of IMAP being an issue, or whether there's an update for it?

Kind regards

Chris

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: IMAP v4 vulnerable

Post by ^DooM^ » 2011-02-25 16:23

I would like to see an attacker gain shell access to a Windows machine through IMAP.

I would contact your vulnerability scanner and ask them to elaborate on what they mean and to manually check your machine, considering it is a Windows server and not a Linux one, which seems to be what they are referring to.

targetit
New user
Posts: 9
Joined: 2010-10-08 11:01

Re: IMAP v4 vulnerable

Post by targetit » 2011-02-25 16:30

Hi,

That may well be the case. As long as no vulnerabilities are known with hMailServer I think we can ignore the scan results.

If you run a free one from Qualys it may pick up on your server.

I ran one with Qualys months ago and seem to remember a similar point, so they may be running a general scan and picking up that flaw based on a specific platform.

Kind regards

Chris

martin
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden

Re: IMAP v4 vulnerable

Post by martin » 2011-02-25 18:56

Does your scanning software tell you what IMAP software the server is running? In other words, does it tell you that your server is running hMailServer?

targetit
New user
Posts: 9
Joined: 2010-10-08 11:01

Re: IMAP v4 vulnerable

Post by targetit » 2011-02-28 17:15

Hi,

No, what I wrote in my original post was all that was given.

I shouldn't worry about it since we're running on Windows and there's no shell access anyway.

Kind regards

Chris

dzekas
Senior user
Posts: 2486
Joined: 2005-10-13 21:28
Location: Lithuania

Re: IMAP v4 vulnerable

Post by dzekas » 2011-03-01 07:43

targetit wrote: Hi,

I'm using hMailServer 5.3.3-B1879 and a recent vulnerability scan is showing an issue with the IMAP server:

The identified version of imap4 service running is subject to a remote vulnerability where it is
possible for an attacker to gain shell access. This can lead to a system compromise.

Is anyone aware of this version of IMAP being an issue, or whether there's an update for it?

http://www.securityfocus.com/bid/30663

See version numbers. The only vulnerability report on bugtraq.

It is denial of service and not shell access.
