===================================================================== CERT-Renater Note d'Information No. 2010/VULN382 _____________________________________________________________________ DATE : 27/09/2010 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running IMail Server version 10 up to and including 11.02. ====================================================================== http://www.imailserver.com/support/releases/im1102p2.asp ______________________________________________________________________ IMail v11.02 Patch 2 Released September 15, 2010 Requirements: You must be running IMail Server v11.02. If you are not running IMail v11.02, please login to myIpswitch.com to download IMail v11.02 before installing this patch. Summary of Fixes: Addresses vulnerability "MOAUB #15 - Ipswitch Imail Server List Mailer Reply-To Address memory corruption" which can potentially cause the Queue Manager service to crash. Versions Affected: IMail v10 and later. Download: IMail, IMail Premium (v11.02 ONLY) http://ftp.ipswitch.com/ipswitch/product_downloads/IMail1102p2.zip Installation: Note: If you intend to install 11.02 Patch 1, please do so before following the steps below. 1. Stop all IMail and IIS services. 2. Locate SmtpDLL.dll and IMailSrv.exe in the IMail top directory and move them to a backup location. 3. Extract SmtpDLL.dll from the zip file to the IMail top directory. 4. Extract IMailSrv.exe from the zip file to the IMail top directory. 5. Restart IMail and IIS Services. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================