[原文]Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long SEARCH argument.
IA eMailServer IMAP SEARCH Command Remote Overflow
Remote / Network Access
Loss of Integrity,
Loss of Availability
A remote overflow exists in the Internet Anywhere (IA) eMailserver Corporate Edition IMAP server. The IA IMAP server fails to properly sanitize input to the IMAP SEARCH command resulting in a buffer overflow. With a specially crafted request, an attacker can cause a DoS condition resulting in the loss of availability or the execution of arbitrary code resulting in a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.