122 vulnerabilities found for imail by ipswitch
VAR-200102-0075
Vulnerability from variot - Updated: 2025-12-22 23:08
IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. There is a vulnerability in IPSwitch IMail version 6.0.5.
Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability
By Sowhat of Nevis Labs
Date: 2006.04.11
http://www.nevisnetworks.com
http://secway.org/advisory/AD20060411.txt
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
CVE: CVE-2006-1189
Vendor: Microsoft Inc.
Products affected:
- Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 and Microsoft Windows XP Service Pack 1
- Internet Explorer 6 for Microsoft Windows XP Service Pack 2
- Internet Explorer 6 for Microsoft Windows Server 2003
- Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft Windows 98 SE, and Microsoft Windows Millennium Edition
This vulnerability affects systems that use Double-Byte Character Sets. Systems that are affected are Windows language versions that use a Double Byte Character Set language. Examples of languages that use DBCS are Chinese, Japanese, and Korean languages. Customers using other language versions of Windows might also be affected if "Language for non-Unicode programs" has been set to a Double Byte Character Set language.
Overview:
There exists a buffer overflow in Microsoft Internet Explorer in the parsing of DBCS URLs.
This vulnerability could allow an attacker to execute arbitrary code on the victim's system when the victim visits a web page or views an HTML email message.
This attack may be utilized wherever IE parses HTML, such as webpages, email, newsgroups, and within applications utilizing web-browsing functionality.
Details:
URLMON.DLL does not properly validate IDN containing double-byte character sets (DBCS), which may lead to remote code execution.
Exploiting this vulnerability seems to need a lot more work, but we believe that exploitation is possible.
POC:
No PoC will be released for this.
FIX:
Microsoft has released an update for Internet Explorer which is set to address this issue. This can be downloaded from:
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Vendor Response:
- 2005.12.29 Vendor notified via secure@microsoft.com
- 2005.12.29 Vendor responded
- 2006.04.11 Vendor released MS06-0xx patch
- 2006.04.11 Advisory released
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues. These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
CVE-2006-1189
Greetings to Lennart@MS, Chi, OYXin, Narasimha Datta, all Nevis Labs guys, all XFocus and 0x557 guys :)
References:
- http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
- http://www.nsfocus.com/english/homepage/research/0008.htm
- http://xforce.iss.net/xforce/xfdb/5729
- http://www.securityfocus.com/bid/2100/discuss
- http://www.inter-locale.com/whitepaper/IUC27-a303.html
- http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx
- [Mozilla Firefox IDN "Host:" Buffer Overflow] http://www.security-protocols.com/advisory/sp-x17-advisory.txt
- [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow] http://www.security-protocols.com/advisory/sp-x18-advisory.txt
- http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com/research/devnotes/1995/may/02/05.htm
-- Sowhat http://secway.org "Life is like a bug, Do you know how to exploit it ?"
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200102-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ibm",
"version": null
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sowhat",
"sources": [
{
"db": "PACKETSTORM",
"id": "45442"
}
],
"trust": 0.1
},
"cve": "CVE-2001-0039",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0039",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-2861",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0039",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#739201",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#808633",
"trust": 0.8,
"value": "5.36"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#872257",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#886953",
"trust": 0.8,
"value": "15.19"
},
{
"author": "CNNVD",
"id": "CNNVD-200102-106",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-2861",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. There is a vulnerability in IPSwitch IMail version 6.0.5. Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability\n\nBy Sowhat of Nevis Labs\nDate: 2006.04.11\n\nhttp://www.nevisnetworks.com\nhttp://secway.org/advisory/AD20060411.txt\nhttp://www.microsoft.com/technet/security/bulletin/MS06-013.mspx\n\n\nCVE: CVE-2006-1189\n\nVendor\nMicrosoft Inc. \n\nProducts affected:\n\nInternet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4\n\tand Microsoft Windows XP Service Pack 1\nInternet Explorer 6 for Microsoft Windows XP Service Pack 2\nInternet Explorer 6 for Microsoft Windows Server 2003\nInternet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft\n\tWindows 98 SE, and Microsoft Windows Millennium Edition\n\n\n\nThis vulnerability affects systems that use Double-Byte Character Sets. \nSystems that are affected are Windows language versions that use a\nDouble Byte Character Set language. Examples of languages that use DBCS\nare Chinese, Japanese, and Korean languages. Customers using\nother language versions of Windows might also be affected if \"Language\nfor non-Unicode programs\" has been set to a Double Byte Character Set\nlanguage. \n\n\nOverview:\n\nThere exists a buffer overflow in Microsoft Internet Explorer in the\nparsing of DBCS URLS. \n\nThis vulnerability could allow an attacker to execute arbitrary code on the\nvictim\u0027s system when the victim visits a web page or views an HTML email\nmessage. \n\nThis attack may be utilized wherever IE parses HTML, such as webpages, email,\nnewsgroups, and within applications utilizing web-browsing functionality. 
\n\n\nDetails:\n\nURLMON.DLL does not properly validate IDN containing double-byte character\nsets (DBCS), which may lead to remote code execution. \n\nExploiting this vulnerability seems to need a lot of more work but we\nbelieve that\nexploitation is possible. \n\n\nPOC:\n\nNo PoC will be released for this. \n\n\nFIX:\n\nMicrosoft has released an update for Internet Explorer which is\nset to address this issue. This can be downloaded from:\n\nhttp://www.microsoft.com/technet/security/bulletin/MS06-013.mspx\n\n\nVendor Response:\n\n2005.12.29 Vendor notified via secure@microsoft.com\n2005.12.29 Vendor responded\n2006.04.11 Vendor released MS06-0xx patch\n2006.04.11 Advisory released\n\n\nCommon Vulnerabilities and Exposures (CVE) Information:\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned\nthe following names to these issues. These are candidates for\ninclusion in the CVE list (http://cve.mitre.org), which standardizes\nnames for security problems. \n\n\n CVE-2006-1189\n\n\nGreetings to Lennart@MS, Chi, OYXin, Narasimha Datta, all Nevis Labs guys,\n all XFocus and 0x557 guys :)\n\n\nReferences:\n\n1. http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx\n2. http://www.nsfocus.com/english/homepage/research/0008.htm\n3. http://xforce.iss.net/xforce/xfdb/5729\n4. http://www.securityfocus.com/bid/2100/discuss\n5. http://www.inter-locale.com/whitepaper/IUC27-a303.html\n6. http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx\n7. [Mozilla Firefox IDN \"Host:\" Buffer Overflow]\n http://www.security-protocols.com/advisory/sp-x17-advisory.txt\n8. [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow]\n http://www.security-protocols.com/advisory/sp-x18-advisory.txt\n9. http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com\n\t /research/devnotes/1995/may/02/05.htm\n\n\n\n\n\n\n\n--\nSowhat\nhttp://secway.org\n\"Life is like a bug, Do you know how to exploit it ?\"\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0039"
},
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "PACKETSTORM",
"id": "45442"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-0039",
"trust": 1.7
},
{
"db": "BID",
"id": "2083",
"trust": 1.7
},
{
"db": "BID",
"id": "2035",
"trust": 0.8
},
{
"db": "XF",
"id": "5618",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#739201",
"trust": 0.8
},
{
"db": "BID",
"id": "2033",
"trust": 0.8
},
{
"db": "XF",
"id": "5620",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#808633",
"trust": 0.8
},
{
"db": "BID",
"id": "2034",
"trust": 0.8
},
{
"db": "XF",
"id": "5619",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#872257",
"trust": 0.8
},
{
"db": "BID",
"id": "2032",
"trust": 0.8
},
{
"db": "XF",
"id": "5621",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#886953",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20001206 DOS BY SMTP AUTH COMMAND IN IPSWITCH IMAIL SERVER",
"trust": 0.6
},
{
"db": "XF",
"id": "5674",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2861",
"trust": 0.1
},
{
"db": "XF",
"id": "5729",
"trust": 0.1
},
{
"db": "BID",
"id": "2100",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45442",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "PACKETSTORM",
"id": "45442"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"id": "VAR-200102-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2861"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T23:08:40.730000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/2083"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0071.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da139925+stiy08143+usbin"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy08143"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da137627+stiy08287+usbin"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy08287"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5674"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2035"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/5618.php"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da139817+stiy07831+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy07831"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da137621+stiy07790+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy07790"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2033"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/5620.php"
},
{
"trust": 0.8,
"url": "http://www.rs6000.ibm.com/idd500/usr/share/man/info/en_us/a_doc_lib/cmds/aixcmds2/digest.htm#a26p05a6"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2034"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/5619.php"
},
{
"trust": 0.8,
"url": "http://www.rs6000.ibm.com/idd500/usr/share/man/info/en_us/a_doc_lib/cmds/aixcmds2/enq.htm#a200977f"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2032"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/5621.php"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da114623+stiy10721+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy10721"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da123587+stiy08812+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy08812"
},
{
"trust": 0.8,
"url": "http://www.rs6000.ibm.com/doc_link/en_us/a_doc_lib/cmds/aixcmds5/setsenv.htm#wpg2f0frit"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/5674.php"
},
{
"trust": 0.1,
"url": "http://www.inter-locale.com/whitepaper/iuc27-a303.html"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/xforce/xfdb/5729"
},
{
"trust": 0.1,
"url": "http://www.security-protocols.com/advisory/sp-x17-advisory.txt"
},
{
"trust": 0.1,
"url": "http://www.nsfocus.com/english/homepage/research/0008.htm"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx"
},
{
"trust": 0.1,
"url": "http://www.nevisnetworks.com"
},
{
"trust": 0.1,
"url": "http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx"
},
{
"trust": 0.1,
"url": "http://www.security-protocols.com/advisory/sp-x18-advisory.txt"
},
{
"trust": 0.1,
"url": "http://secway.org"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/2100/discuss"
},
{
"trust": 0.1,
"url": "http://secway.org/advisory/ad20060411.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "http://72.14.203.104/search?q=cache:dxn-v4fil1ij:developer.novell.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "PACKETSTORM",
"id": "45442"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "PACKETSTORM",
"id": "45442"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#739201"
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#808633"
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#872257"
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#886953"
},
{
"date": "2001-02-16T00:00:00",
"db": "VULHUB",
"id": "VHN-2861"
},
{
"date": "2006-04-14T01:00:47",
"db": "PACKETSTORM",
"id": "45442"
},
{
"date": "2001-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"date": "2001-02-16T05:00:00",
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#739201"
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#808633"
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#872257"
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#886953"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-2861"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "45442"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM AIX setclock buffer overflow in remote timeserver argument",
"sources": [
{
"db": "CERT/CC",
"id": "VU#739201"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
}
],
"trust": 0.6
}
}
VAR-200106-0149
Vulnerability from variot - Updated: 2025-12-22 22:12
Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. DIIOP by default listens on port 63148. Making continuous and unusually large connection requests to port 63148 will invoke a DIIOP session. Each such connection request will launch a new DIIOP session. Eventually this process will cause CPU utilization to spike to 100% on the target host.
Internet Security Systems Security Alert Summary May 10, 2001 Volume 6 Number 6
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To receive these Alert Summaries as well as other Alerts and Advisories, subscribe to the Internet Security Systems Alert mailing list at: http://xforce.iss.net/maillists/index.php
This summary can be found at: http://xforce.iss.net/alerts/vol-6_num-6.php
Contents:
* 120 Reported Vulnerabilities
* Risk Factor Key
Date Reported: 04/02/2001 Brief Description: The Bat! masked file type in email attachment could allow execution of code Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: The Bat! 1.49 and earlier Vulnerability: thebat-masked-file-type X-Force URL: http://xforce.iss.net/static/6324.php
Date Reported: 04/02/2001 Brief Description: PHP-Nuke could allow attackers to redirect ad banner URL links Risk Factor: Medium Attack Type: Network Based Platforms Affected: PHP-Nuke 4.4 and earlier Vulnerability: php-nuke-url-redirect X-Force URL: http://xforce.iss.net/static/6342.php
Date Reported: 04/03/2001 Brief Description: Orinoco RG-1000 Residential Gateway default SSID reveals WEP encryption key Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Orinoco Residential Gateway RG-1000 Vulnerability: orinoco-rg1000-wep-key X-Force URL: http://xforce.iss.net/static/6328.php
Date Reported: 04/03/2001 Brief Description: Navision Financials server denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Navision Financials 2.5 and 2.6 Vulnerability: navision-server-dos X-Force URL: http://xforce.iss.net/static/6318.php
Date Reported: 04/03/2001 Brief Description: uStorekeeper online shopping system allows remote file retrieval Risk Factor: Medium Attack Type: Network Based Platforms Affected: uStorekeeper 1.61 Vulnerability: ustorekeeper-retrieve-files X-Force URL: http://xforce.iss.net/static/6319.php
Date Reported: 04/03/2001 Brief Description: Resin server allows remote attackers to view Javabean files Risk Factor: Medium Attack Type: Network Based Platforms Affected: Resin 1.2.x, Resin 1.3b1 Vulnerability: resin-view-javabean X-Force URL: http://xforce.iss.net/static/6320.php
Date Reported: 04/03/2001 Brief Description: BPFTP could allow attackers to obtain login credentials Risk Factor: High Attack Type: Network Based Platforms Affected: BPFTP 2.0 Vulnerability: bpftp-obtain-credentials X-Force URL: http://xforce.iss.net/static/6330.php
Date Reported: 04/04/2001 Brief Description: Ntpd server readvar control message buffer overflow Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6, AIX 5.1, Slackware Linux 7.1, Engarde Secure Linux 1.0.1, Progeny Linux, SuSE Linux 7.1, ntpd 4.0.99k and earlier, FreeBSD 4.2-Stable, Mandrake Linux Corporate Server 1.0.1, Mandrake Linux 7.2, Trustix Secure Linux, Immunix Linux 7.0, NetBSD 1.5, SuSE Linux 7.0, Caldera OpenLinux eServer 2.3.1 Vulnerability: ntpd-remote-bo X-Force URL: http://xforce.iss.net/static/6321.php
Date Reported: 04/04/2001 Brief Description: Cisco CSS debug mode allows users to gain administrative access Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Cisco Content Services Switch 11050, Cisco Content Services Switch 11150, Cisco Content Services Switch 11800 Vulnerability: cisco-css-elevate-privileges X-Force URL: http://xforce.iss.net/static/6322.php
Date Reported: 04/04/2001 Brief Description: BEA Tuxedo may allow access to remote services Risk Factor: Medium Attack Type: Network Based Platforms Affected: BEA Tuxedo 7.1 Vulnerability: bea-tuxedo-remote-access X-Force URL: http://xforce.iss.net/static/6326.php
Date Reported: 04/05/2001 Brief Description: Ultimate Bulletin Board could allow attackers to bypass authentication Risk Factor: High Attack Type: Network Based Platforms Affected: Ultimate Bulletin Board 5.43, Ultimate Bulletin Board 5.4.7e Vulnerability: ultimatebb-bypass-authentication X-Force URL: http://xforce.iss.net/static/6339.php
Date Reported: 04/05/2001 Brief Description: BinTec X4000 NMAP denial of service Risk Factor: Low Attack Type: Network Based Platforms Affected: BinTec X4000 5.1.6P10 and prior, BinTec X1000, BinTec X1200 Vulnerability: bintec-x4000-nmap-dos X-Force URL: http://xforce.iss.net/static/6323.php
Date Reported: 04/05/2001 Brief Description: WatchGuard Firebox II kernel denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: WatchGuard Firebox II prior to 4.6 Vulnerability: firebox-kernel-dos X-Force URL: http://xforce.iss.net/static/6327.php
Date Reported: 04/06/2001 Brief Description: Cisco PIX denial of service due to multiple TACACS+ requests Risk Factor: Medium Attack Type: Network Based Platforms Affected: Cisco PIX Firewall 5.1.4 Vulnerability: cisco-pix-tacacs-dos X-Force URL: http://xforce.iss.net/static/6353.php
Date Reported: 04/06/2001 Brief Description: Darren Reed's IP Filter allows attackers to access UDP and TCP ports Risk Factor: Medium Attack Type: Network Based Platforms Affected: IP Filter 3.4.16 Vulnerability: ipfilter-access-ports X-Force URL: http://xforce.iss.net/static/6331.php
Date Reported: 04/06/2001 Brief Description: Veritas NetBackup nc (netcat) command denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: NetBackup 3.2 Vulnerability: veritas-netbackup-nc-dos X-Force URL: http://xforce.iss.net/static/6329.php
Date Reported: 04/08/2001 Brief Description: PGP may allow malicious users to access authenticated split keys Risk Factor: Medium Attack Type: Host Based Platforms Affected: PGP 7.0 Vulnerability: nai-pgp-split-keys X-Force URL: http://xforce.iss.net/static/6341.php
Date Reported: 04/09/2001 Brief Description: Solaris kcms_configure command line buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7, Solaris 8 Vulnerability: solaris-kcms-command-bo X-Force URL: http://xforce.iss.net/static/6359.php
Date Reported: 04/09/2001 Brief Description: TalkBack CGI script could allow remote attackers to read files on the Web server Risk Factor: Medium Attack Type: Network Based Platforms Affected: TalkBack prior to 1.2 Vulnerability: talkback-cgi-read-files X-Force URL: http://xforce.iss.net/static/6340.php
Date Reported: 04/09/2001 Brief Description: Multiple FTP glob(3) implementation Risk Factor: Low Attack Type: Network Based Platforms Affected: FreeBSD 4.2, Solaris 8, IRIX 6.5.x, OpenBSD 2.8, HP-UX 11.00, NetBSD Vulnerability: ftp-glob-implementation X-Force URL: http://xforce.iss.net/static/6333.php
Date Reported: 04/09/2001 Brief Description: Pine mail client temp file symbolic link Risk Factor: Medium Attack Type: Host Based Platforms Affected: Pine prior to 4.33, Red Hat Linux 5.2, Red Hat Linux 6.2, Red Hat Linux 7.0 Vulnerability: pine-tmp-file-symlink X-Force URL: http://xforce.iss.net/static/6367.php
Date Reported: 04/09/2001 Brief Description: Multiple FTP glob(3) expansion Risk Factor: Low Attack Type: Network Based Platforms Affected: HP-UX 11.00, NetBSD, Solaris 8, IRIX 6.5.x, OpenBSD 2.8, FreeBSD 4.2, MIT Kerberos 5 Vulnerability: ftp-glob-expansion X-Force URL: http://xforce.iss.net/static/6332.php
Date Reported: 04/09/2001 Brief Description: Netscape embedded JavaScript in GIF file comments can be used to access remote data Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: Netscape Communicator 4.76, Red Hat Linux 6.2, Debian Linux 2.2, Conectiva Linux, Red Hat Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta, Red Hat Linux 7.1 Vulnerability: netscape-javascript-access-data X-Force URL: http://xforce.iss.net/static/6344.php
Date Reported: 04/09/2001 Brief Description: STRIP generates weak passwords Risk Factor: Low Attack Type: Host Based Platforms Affected: STRIP 0.5 and earlier Vulnerability: strip-weak-passwords X-Force URL: http://xforce.iss.net/static/6362.php
Date Reported: 04/10/2001 Brief Description: Solaris Xsun HOME environment variable buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7 Vulnerability: solaris-xsun-home-bo X-Force URL: http://xforce.iss.net/static/6343.php
Date Reported: 04/10/2001 Brief Description: Compaq Presario Active X denial of service Risk Factor: Low Attack Type: Network Based Platforms Affected: Compaq Presario, Windows 98, Windows ME Vulnerability: compaq-activex-dos X-Force URL: http://xforce.iss.net/static/6355.php
Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems 'EXPERT' account Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-expert-account X-Force URL: http://xforce.iss.net/static/6354.php
Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems allow attacker on LAN to gain access using TFTP Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-tftp-lan-access X-Force URL: http://xforce.iss.net/static/6336.php
Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems allow attacker on WAN to gain access using TFTP Risk Factor: Low Attack Type: Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-tftp-wan-access X-Force URL: http://xforce.iss.net/static/6337.php
Date Reported: 04/10/2001 Brief Description: Oracle Application Server shared library (ndwfn4.so) buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: iPlanet Web Server 4.x, Oracle Application Server 4.0.8.2 Vulnerability: oracle-appserver-ndwfn4-bo X-Force URL: http://xforce.iss.net/static/6334.php
Date Reported: 04/10/2001 Brief Description: Alcatel ADSL modems use blank password by default Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Alcatel ADSL Network Termination Device 1000, Alcatel Speed Touch ADSL modem Home Vulnerability: alcatel-blank-password X-Force URL: http://xforce.iss.net/static/6335.php
Date Reported: 04/11/2001 Brief Description: Solaris dtsession buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7 Vulnerability: solaris-dtsession-bo X-Force URL: http://xforce.iss.net/static/6366.php
Date Reported: 04/11/2001 Brief Description: Solaris kcsSUNWIOsolf.so buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Solaris 7, Solaris 8 Vulnerability: solaris-kcssunwiosolf-bo X-Force URL: http://xforce.iss.net/static/6365.php
Date Reported: 04/11/2001 Brief Description: Lightwave ConsoleServer brute force password attack Risk Factor: High Attack Type: Network Based Platforms Affected: Lightwave ConsoleServer 3200 Vulnerability: lightwave-consoleserver-brute-force X-Force URL: http://xforce.iss.net/static/6345.php
Date Reported: 04/11/2001 Brief Description: nph-maillist allows user to execute code Risk Factor: Low Attack Type: Host Based Platforms Affected: Email List Generator 3.5 and earlier Vulnerability: nph-maillist-execute-code X-Force URL: http://xforce.iss.net/static/6363.php
Date Reported: 04/11/2001 Brief Description: Symantec Ghost Configuration Server denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Ghost 6.5 Vulnerability: ghost-configuration-server-dos X-Force URL: http://xforce.iss.net/static/6357.php
Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server DOS device denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-device-dos X-Force URL: http://xforce.iss.net/static/6348.php
Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server HTTP header denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-header-dos X-Force URL: http://xforce.iss.net/static/6347.php
Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server URL parsing denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-url-dos X-Force URL: http://xforce.iss.net/static/6351.php
Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server CORBA denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-corba-dos X-Force URL: http://xforce.iss.net/static/6350.php
Date Reported: 04/11/2001 Brief Description: Symantec Ghost database engine denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Ghost 6.5, Sybase Adaptive Server Database Engine 6.0.3.2747 Vulnerability: ghost-database-engine-dos X-Force URL: http://xforce.iss.net/static/6356.php
Date Reported: 04/11/2001 Brief Description: cfingerd daemon remote format string Risk Factor: Low Attack Type: Network Based Platforms Affected: Debian Linux 2.1, Debian Linux 2.2, cfingerd 1.4.3 and earlier Vulnerability: cfingerd-remote-format-string X-Force URL: http://xforce.iss.net/static/6364.php
Date Reported: 04/11/2001 Brief Description: Lotus Domino Web Server Unicode denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Lotus Domino R5 prior to 5.0.7 Vulnerability: lotus-domino-unicode-dos X-Force URL: http://xforce.iss.net/static/6349.php
Date Reported: 04/11/2001 Brief Description: Linux mkpasswd generates weak passwords Risk Factor: High Attack Type: Host Based Platforms Affected: Red Hat Linux 6.2, Red Hat Linux 7.0, mkpasswd Vulnerability: mkpasswd-weak-passwords X-Force URL: http://xforce.iss.net/static/6382.php
Date Reported: 04/12/2001 Brief Description: Solaris ipcs utility buffer overflow Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: Solaris 7 Vulnerability: solaris-ipcs-bo X-Force URL: http://xforce.iss.net/static/6369.php
Date Reported: 04/12/2001 Brief Description: InterScan VirusWall ISADMIN service buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: Linux kernel, InterScan VirusWall 3.0.1 Vulnerability: interscan-viruswall-isadmin-bo X-Force URL: http://xforce.iss.net/static/6368.php
Date Reported: 04/12/2001 Brief Description: HylaFAX hfaxd format string Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: HylaFAX 4.1B3 and prior, SuSE Linux 6.x, SuSE Linux 7.0, Mandrake Linux 7.1, FreeBSD 3.5.1, Mandrake Linux 7.2, Mandrake Linux Corporate Server 1.0.1, FreeBSD 4.2, SuSE Linux 7.1 Vulnerability: hylafax-hfaxd-format-string X-Force URL: http://xforce.iss.net/static/6377.php
Date Reported: 04/12/2001 Brief Description: Cisco VPN 3000 Concentrators invalid IP Option denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Cisco VPN 3000 Concentrators prior to 2.5.2 F Vulnerability: cisco-vpn-ip-dos X-Force URL: http://xforce.iss.net/static/6360.php
Date Reported: 04/13/2001 Brief Description: Net.Commerce package in IBM WebSphere reveals installation path Risk Factor: High Attack Type: Network Based Platforms Affected: IBM Websphere, Solaris 2.6, AIX 4.3.x, Solaris 7, Windows NT 4.0 Vulnerability: ibm-websphere-reveals-path X-Force URL: http://xforce.iss.net/static/6371.php
Date Reported: 04/13/2001 Brief Description: QPC ftpd buffer overflow Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: QVT/Term 5.0, QVT/Net 5.0 Vulnerability: qpc-ftpd-bo X-Force URL: http://xforce.iss.net/static/6376.php
Date Reported: 04/13/2001 Brief Description: QPC ftpd directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: QVT/Net 5.0, QVT/Term 5.0 Vulnerability: qpc-ftpd-directory-traversal X-Force URL: http://xforce.iss.net/static/6375.php
Date Reported: 04/13/2001 Brief Description: QPC popd buffer overflow Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: QVT/Net 5.0 Vulnerability: qpc-popd-bo X-Force URL: http://xforce.iss.net/static/6374.php
Date Reported: 04/13/2001 Brief Description: NCM Content Management System access database Risk Factor: Low Attack Type: Network Based Platforms Affected: NCM Content Management System Vulnerability: ncm-content-database-access X-Force URL: http://xforce.iss.net/static/6386.php
Date Reported: 04/13/2001 Brief Description: Netscape SmartDownload 'sdph20.dll' buffer overflow Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Netscape SmartDownload 1.3, Windows NT, Windows 95, Windows 98 Vulnerability: netscape-smartdownload-sdph20-bo X-Force URL: http://xforce.iss.net/static/6403.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer accept buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-accept-bo X-Force URL: http://xforce.iss.net/static/6404.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer cancel buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-cancel-bo X-Force URL: http://xforce.iss.net/static/6406.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer disable buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-disable-bo X-Force URL: http://xforce.iss.net/static/6407.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer enable buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-enable-bo X-Force URL: http://xforce.iss.net/static/6409.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer lp buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lp-bo X-Force URL: http://xforce.iss.net/static/6410.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer lpfilter buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lpfilter-bo X-Force URL: http://xforce.iss.net/static/6411.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer lpstat buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lpstat-bo X-Force URL: http://xforce.iss.net/static/6413.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer reject buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-reject-bo X-Force URL: http://xforce.iss.net/static/6414.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer rmail buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-rmail-bo X-Force URL: http://xforce.iss.net/static/6415.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer tput buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-tput-bo X-Force URL: http://xforce.iss.net/static/6416.php
Date Reported: 04/13/2001 Brief Description: IBM WebSphere CGI macro denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: IBM Websphere, Windows NT 4.0, Solaris 2.6, AIX 4.3.x, Solaris 7 Vulnerability: ibm-websphere-macro-dos X-Force URL: http://xforce.iss.net/static/6372.php
Date Reported: 04/13/2001 Brief Description: SCO OpenServer lpmove buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: SCO Openserver 5.0.0 to 5.0.6 Vulnerability: sco-openserver-lpmove-bo X-Force URL: http://xforce.iss.net/static/6412.php
Date Reported: 04/14/2001 Brief Description: Siemens Reliant Unix ppd -T symlink Risk Factor: Medium Attack Type: Host Based Platforms Affected: Reliant Unix 5.45, Reliant Unix 5.43, Reliant Unix 5.44 Vulnerability: reliant-unix-ppd-symlink X-Force URL: http://xforce.iss.net/static/6408.php
Date Reported: 04/15/2001 Brief Description: Linux Exuberant Ctags package symbolic link Risk Factor: Medium Attack Type: Host Based Platforms Affected: Debian Linux 2.2, exuberant-ctags Vulnerability: exuberant-ctags-symlink X-Force URL: http://xforce.iss.net/static/6388.php
Date Reported: 04/15/2001 Brief Description: processit.pl CGI could allow attackers to view sensitive information about the Web server Risk Factor: Medium Attack Type: Network Based Platforms Affected: processit.pl Vulnerability: processit-cgi-view-info X-Force URL: http://xforce.iss.net/static/6385.php
Date Reported: 04/16/2001 Brief Description: Microsoft ISA Server Web Proxy denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Microsoft ISA Server 2000 Vulnerability: isa-web-proxy-dos X-Force URL: http://xforce.iss.net/static/6383.php
Date Reported: 04/16/2001 Brief Description: Microsoft Internet Explorer altering CLSID action allows malicious file execution Risk Factor: Low Attack Type: Host Based Platforms Affected: Windows 2000, Internet Explorer 5.5, Windows 98 Vulnerability: ie-clsid-execute-files X-Force URL: http://xforce.iss.net/static/6426.php
Date Reported: 04/16/2001 Brief Description: Cisco Catalyst 5000 series switch 802.1x denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Cisco Catalyst 5000 Series Vulnerability: cisco-catalyst-8021x-dos X-Force URL: http://xforce.iss.net/static/6379.php
Date Reported: 04/16/2001 Brief Description: BubbleMon allows users to gain elevated privileges Risk Factor: Low Attack Type: Host Based Platforms Affected: BubbleMon prior to 1.32, FreeBSD Vulnerability: bubblemon-elevate-privileges X-Force URL: http://xforce.iss.net/static/6378.php
Date Reported: 04/16/2001 Brief Description: DCForum CGI az= field directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: DCForum 2000 1.0 Vulnerability: dcforum-az-directory-traversal X-Force URL: http://xforce.iss.net/static/6391.php
Date Reported: 04/16/2001 Brief Description: DCForum CGI az= field allows attacker to upload files Risk Factor: Low Attack Type: Network Based Platforms Affected: DCForum 2000 1.0 Vulnerability: dcforum-az-file-upload X-Force URL: http://xforce.iss.net/static/6393.php
Date Reported: 04/16/2001 Brief Description: DCForum CGI az= field EXPR allows attacker to execute commands Risk Factor: Low Attack Type: Network Based Platforms Affected: DCForum 2000 1.0 Vulnerability: dcforum-az-expr X-Force URL: http://xforce.iss.net/static/6392.php
Date Reported: 04/16/2001 Brief Description: Linux NetFilter IPTables Risk Factor: Low Attack Type: Network Based Platforms Affected: Linux kernel 2.4, Red Hat Linux 7.1 Vulnerability: linux-netfilter-iptables X-Force URL: http://xforce.iss.net/static/6390.php
Date Reported: 04/17/2001 Brief Description: Xitami Web server denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Xitami Web server 2.4d7, Xitami Web server 2.5b4 Vulnerability: xitami-server-dos X-Force URL: http://xforce.iss.net/static/6389.php
Date Reported: 04/17/2001 Brief Description: Samba tmpfile symlink attack could allow elevated privileges Risk Factor: Low Attack Type: Host Based Platforms Affected: Trustix Secure Linux 1.2, Mandrake Linux 8.0, Progeny Linux, Caldera OpenLinux eBuilder, Trustix Secure Linux 1.01, Mandrake Linux Corporate Server 1.0.1, FreeBSD 4.2, Immunix Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta, Caldera OpenLinux eServer 2.3.1, Caldera OpenLinux eDesktop 2.4, FreeBSD 3.5.1 Vulnerability: samba-tmpfile-symlink X-Force URL: http://xforce.iss.net/static/6396.php
Date Reported: 04/17/2001 Brief Description: GoAhead WebServer "aux" denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: GoAhead Web Server 2.1, Windows 98, Windows ME Vulnerability: goahead-aux-dos X-Force URL: http://xforce.iss.net/static/6400.php
Date Reported: 04/17/2001 Brief Description: AnalogX SimpleServer:WWW "aux" denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: SimpleServer:WWW 1.03 to 1.08 Vulnerability: analogx-simpleserver-aux-dos X-Force URL: http://xforce.iss.net/static/6395.php
Date Reported: 04/17/2001 Brief Description: Viking Server hexadecimal URL encoded format directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Viking Server prior to 1.07-381 Vulnerability: viking-hex-directory-traversal X-Force URL: http://xforce.iss.net/static/6394.php
Date Reported: 04/17/2001 Brief Description: Solaris FTP server allows attacker to recover shadow file Risk Factor: Medium Attack Type: Host Based Platforms Affected: Solaris 2.6 Vulnerability: solaris-ftp-shadow-recovery X-Force URL: http://xforce.iss.net/static/6422.php
Date Reported: 04/18/2001 Brief Description: The Bat! pop3 denial of service Risk Factor: High Attack Type: Network Based Platforms Affected: The Bat! 1.51, Windows Vulnerability: thebat-pop3-dos X-Force URL: http://xforce.iss.net/static/6423.php
Date Reported: 04/18/2001 Brief Description: Eudora allows attacker to obtain files using plain text attachments Risk Factor: Medium Attack Type: Network Based Platforms Affected: Eudora 5.0.2 Vulnerability: eudora-plain-text-attachment X-Force URL: http://xforce.iss.net/static/6431.php
Date Reported: 04/18/2001 Brief Description: VMware vmware-mount.pl symlink Risk Factor: Medium Attack Type: Host Based Platforms Affected: VMware Vulnerability: vmware-mount-symlink X-Force URL: http://xforce.iss.net/static/6420.php
Date Reported: 04/18/2001 Brief Description: KFM tmpfile symbolic link could allow local attackers to overwrite files Risk Factor: Medium Attack Type: Host Based Platforms Affected: SuSE Linux 7.0, K File Manager (KFM) Vulnerability: kfm-tmpfile-symlink X-Force URL: http://xforce.iss.net/static/6428.php
Date Reported: 04/18/2001 Brief Description: CyberScheduler timezone remote buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: CyberScheduler, Mandrake Linux, Windows 2000, IIS 5.0, Solaris 8, SuSE Linux, Solaris 7, Slackware Linux, Red Hat Linux, IIS 4.0, Debian Linux, Solaris 2.5, Solaris 2.6, Caldera OpenLinux, Windows NT Vulnerability: cyberscheduler-timezone-bo X-Force URL: http://xforce.iss.net/static/6401.php
Date Reported: 04/18/2001 Brief Description: Microsoft Data Access Component Internet Publishing Provider allows WebDAV access Risk Factor: Medium Attack Type: Network Based Platforms Affected: Microsoft Data Access Component 8.103.2519.0, Windows 95, Windows NT 4.0, Windows 98, Windows 98 Second Edition, Windows 2000, Windows ME Vulnerability: ms-dacipp-webdav-access X-Force URL: http://xforce.iss.net/static/6405.php
Date Reported: 04/18/2001 Brief Description: Oracle tnslsnr80.exe denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Oracle 8.x, Windows NT 4.0 SP6, Solaris 8 Vulnerability: oracle-tnslsnr80-dos X-Force URL: http://xforce.iss.net/static/6427.php
Date Reported: 04/18/2001 Brief Description: innfeed -c flag buffer overflow Risk Factor: Low Attack Type: Host Based Platforms Affected: Red Hat Linux, Slackware Linux, Mandrake Linux, INN prior to 2.3.1 Vulnerability: innfeed-c-bo X-Force URL: http://xforce.iss.net/static/6398.php
Date Reported: 04/18/2001 Brief Description: iPlanet Calendar Server stores username and password in plaintext Risk Factor: Low Attack Type: Host Based Platforms Affected: iPlanet Calendar Server 5.0p2 Vulnerability: iplanet-calendar-plaintext-password X-Force URL: http://xforce.iss.net/static/6402.php
Date Reported: 04/18/2001 Brief Description: Linux NEdit symlink when printing Risk Factor: High Attack Type: Host Based Platforms Affected: SuSE Linux 6.3, SuSE Linux 6.4, Debian Linux 2.2, Mandrake Linux 7.1, Mandrake Linux 7.2, SuSE Linux 7.0, Mandrake Linux Corporate Server 1.0.1, SuSE Linux 7.1, Mandrake Linux 8.0 Vulnerability: nedit-print-symlink X-Force URL: http://xforce.iss.net/static/6424.php
Date Reported: 04/19/2001 Brief Description: CheckBO TCP buffer overflow Risk Factor: Medium Attack Type: Network Based Platforms Affected: CheckBO 1.56 and earlier Vulnerability: checkbo-tcp-bo X-Force URL: http://xforce.iss.net/static/6436.php
Date Reported: 04/19/2001 Brief Description: HP-UX pcltotiff uses insecure permissions Risk Factor: Medium Attack Type: Host Based Platforms Affected: HP-UX 10.01, HP-UX 10.10, HP-UX 10.20, HP-UX 10.26 Vulnerability: hp-pcltotiff-insecure-permissions X-Force URL: http://xforce.iss.net/static/6447.php
Date Reported: 04/19/2001 Brief Description: Netopia Timbuktu allows unauthorized system access Risk Factor: Low Attack Type: Host Based Platforms Affected: Timbuktu Pro, Macintosh OS X Vulnerability: netopia-timbuktu-gain-access X-Force URL: http://xforce.iss.net/static/6452.php
Date Reported: 04/20/2001 Brief Description: Cisco CBOS could allow attackers to gain privileged information Risk Factor: High Attack Type: Host Based / Network Based Platforms Affected: Cisco CBOS 2.4.1, Cisco CBOS 2.3.053 Vulnerability: cisco-cbos-gain-information X-Force URL: http://xforce.iss.net/static/6453.php
Date Reported: 04/20/2001 Brief Description: Internet Explorer 5.x allows active scripts using XML stylesheets Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Internet Explorer 5.x, Outlook Express 5.x Vulnerability: ie-xml-stylesheets-scripting X-Force URL: http://xforce.iss.net/static/6448.php
Date Reported: 04/20/2001 Brief Description: Linux gftp format string Risk Factor: Low Attack Type: Network Based Platforms Affected: gftp prior to 2.0.8, Mandrake Linux 8.0, Mandrake Linux Corporate Server 1.0.1, Immunix Linux 7.0, Red Hat Linux 7.1, Mandrake Linux 7.2, Immunix Linux 6.2, Immunix 7.0 beta, Red Hat Linux 6.2, Mandrake Linux 7.1, Red Hat Linux 7.0 Vulnerability: gftp-format-string X-Force URL: http://xforce.iss.net/static/6478.php
Date Reported: 04/20/2001 Brief Description: Novell BorderManager VPN client SYN requests denial of service Risk Factor: Medium Attack Type: Host Based / Network Based Platforms Affected: Novell BorderManager 3.5 Vulnerability: bordermanager-vpn-syn-dos X-Force URL: http://xforce.iss.net/static/6429.php
Date Reported: 04/20/2001 Brief Description: SAFT sendfiled could allow the execution of arbitrary code Risk Factor: Low Attack Type: Host Based Platforms Affected: Debian Linux 2.2, Progeny Linux, sendfile Vulnerability: saft-sendfiled-execute-code X-Force URL: http://xforce.iss.net/static/6430.php
Date Reported: 04/21/2001 Brief Description: Mercury MTA for Novell Netware buffer overflow Risk Factor: Medium Attack Type: Network Based Platforms Affected: Mercury MTA 1.47 and earlier, Novell NetWare Vulnerability: mercury-mta-bo X-Force URL: http://xforce.iss.net/static/6444.php
Date Reported: 04/21/2001 Brief Description: QNX allows attacker to read files on FAT partition Risk Factor: High Attack Type: Host Based / Network Based Platforms Affected: QNX 2.4 Vulnerability: qnx-fat-file-read X-Force URL: http://xforce.iss.net/static/6437.php
Date Reported: 04/23/2001 Brief Description: Viking Server "dot dot" (...) directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Viking Server 1.0.7 Vulnerability: viking-dot-directory-traversal X-Force URL: http://xforce.iss.net/static/6450.php
Date Reported: 04/24/2001 Brief Description: NetCruiser Web Server could reveal directory path Risk Factor: High Attack Type: Network Based Platforms Affected: NetCruiser Web Server 0.1.2.8 Vulnerability: netcruiser-server-path-disclosure X-Force URL: http://xforce.iss.net/static/6468.php
Date Reported: 04/24/2001 Brief Description: Perl Web Server directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Perl Web Server 0.3 and prior Vulnerability: perl-webserver-directory-traversal X-Force URL: http://xforce.iss.net/static/6451.php
Date Reported: 04/24/2001 Brief Description: Small HTTP Server /aux denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: Small HTTP Server 2.03 Vulnerability: small-http-aux-dos X-Force URL: http://xforce.iss.net/static/6446.php
Date Reported: 04/24/2001 Brief Description: IPSwitch IMail SMTP daemon mailing list handler buffer overflow Risk Factor: Low Attack Type: Network Based Platforms Affected: IPSwitch Imail 6.06 and earlier Vulnerability: ipswitch-imail-smtp-bo X-Force URL: http://xforce.iss.net/static/6445.php
Date Reported: 04/25/2001 Brief Description: MIT Kerberos 5 could allow attacker to gain root access by injecting base64-encoded data Risk Factor: Low Attack Type: Network Based Platforms Affected: MIT Kerberos 5 Vulnerability: kerberos-inject-base64-encode X-Force URL: http://xforce.iss.net/static/6454.php
Date Reported: 04/26/2001 Brief Description: IRIX netprint -n allows attacker to access shared library Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: IRIX 6.x Vulnerability: irix-netprint-shared-library X-Force URL: http://xforce.iss.net/static/6473.php
Date Reported: 04/26/2001 Brief Description: WebXQ "dot dot" directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: Windows, WebXQ 2.1.204 Vulnerability: webxq-dot-directory-traversal X-Force URL: http://xforce.iss.net/static/6466.php
Date Reported: 04/26/2001 Brief Description: RaidenFTPD "dot dot" directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Windows NT 4.0, Windows 2000, RaidenFTPD 2.1 Vulnerability: raidenftpd-dot-directory-traversal X-Force URL: http://xforce.iss.net/static/6455.php
Date Reported: 04/27/2001 Brief Description: PerlCal CGI cal_make.pl script directory traversal Risk Factor: High Attack Type: Network Based Platforms Affected: Unix, PerlCal 2.95 and prior Vulnerability: perlcal-calmake-directory-traversal X-Force URL: http://xforce.iss.net/static/6480.php
Date Reported: 04/28/2001 Brief Description: ICQ Web Front plugin denial of service Risk Factor: Medium Attack Type: Network Based Platforms Affected: ICQ Web Front, ICQ 2000b 3278 and earlier Vulnerability: icq-webfront-dos X-Force URL: http://xforce.iss.net/static/6474.php
Date Reported: 04/28/2001 Brief Description: Alex FTP Server "dot dot" directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: Alex's FTP Server 0.7 Vulnerability: alex-ftp-directory-traversal X-Force URL: http://xforce.iss.net/static/6475.php
Date Reported: 04/28/2001 Brief Description: BRS WebWeaver FTP path disclosure Risk Factor: High Attack Type: Network Based Platforms Affected: BRS WebWeaver 0.63 Vulnerability: webweaver-ftp-path-disclosure X-Force URL: http://xforce.iss.net/static/6477.php
Date Reported: 04/28/2001 Brief Description: BRS WebWeaver Web server "dot dot" directory traversal Risk Factor: Medium Attack Type: Network Based Platforms Affected: BRS WebWeaver 0.63 Vulnerability: webweaver-web-directory-traversal X-Force URL: http://xforce.iss.net/static/6476.php
Date Reported: 04/29/2001 Brief Description: Winamp AIP buffer overflow Risk Factor: Low Attack Type: Host Based / Network Based Platforms Affected: Winamp 2.6x and 2.7x Vulnerability: winamp-aip-bo X-Force URL: http://xforce.iss.net/static/6479.php
Date Reported: 04/29/2001 Brief Description: BearShare "dot dot" allows remote attacker to traverse directories and download any file Risk Factor: Medium Attack Type: Network Based Platforms Affected: BearShare 2.2.2 and prior, Windows 95, Windows 98, Windows ME Vulnerability: bearshare-dot-download-files X-Force URL: http://xforce.iss.net/static/6481.php
Date Reported: 05/01/2001 Brief Description: IIS 5.0 ISAPI extension buffer overflow Risk Factor: High Attack Type: Network Based Platforms Affected: IIS 5.0, Windows 2000 Server, Windows 2000 Advanced Server, Windows 2000 Datacenter Server Vulnerability: iis-isapi-bo X-Force URL: http://xforce.iss.net/static/6485.php
Risk Factor Key:
High: Any vulnerability that provides an attacker with immediate access into a machine, gains superuser access, or bypasses a firewall. Example: A vulnerable Sendmail 8.6.5 version that allows an intruder to execute commands on mail server.
Medium: Any vulnerability that provides information that has a high potential of giving system access to an intruder. Example: A misconfigured TFTP or vulnerable NIS server that allows an intruder to get the password file that could contain an account with a guessable password.
Low: Any vulnerability that provides information that potentially could lead to a compromise. Example: A finger that allows an intruder to find out who is online and potential accounts to attempt to crack passwords via brute force methods.
About Internet Security Systems (ISS)
Internet Security Systems is a leading global provider of security management solutions for the Internet, protecting digital assets and ensuring safe and uninterrupted e-business. With its industry-leading intrusion detection and vulnerability assessment software, remote managed security services, and strategic consulting and education offerings, ISS is a trusted security provider to more than 8,000 customers worldwide including 21 of the 25 largest U.S. commercial banks and the top 10 U.S. telecommunications companies. Founded in 1994, ISS is headquartered in Atlanta, GA, with additional offices throughout North America and international operations in Asia, Australia, Europe, Latin America and the Middle East. For more information, visit the Internet Security Systems web site at www.iss.net or call 888-901-7477.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert electronically. It is not to be edited in any way without express consent of the X-Force. If you wish to reprint the whole or any part of this Alert in any other medium excluding electronic medium, please e-mail xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200106-0149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "lotus",
"version": null
},
{
"model": "imail",
"scope": "lte",
"trust": 1.0,
"vendor": "ipswitch",
"version": "6.06"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "6.06"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.6"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.5"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.4"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.3"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.2"
},
{
"model": "domino",
"scope": "eq",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.1"
},
{
"model": "domino",
"scope": "ne",
"trust": 0.3,
"vendor": "lotus",
"version": "5.0.7"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "BID",
"id": "2599"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by \u003cpeter.grundl@defcom.com\u003e on April 11, 2001.",
"sources": [
{
"db": "BID",
"id": "2599"
}
],
"trust": 0.3
},
"cve": "CVE-2001-0494",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0494",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-3312",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0494",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#676552",
"trust": 0.8,
"value": "10.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#601312",
"trust": 0.8,
"value": "9.98"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#555464",
"trust": 0.8,
"value": "4.25"
},
{
"author": "CNNVD",
"id": "CNNVD-200106-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-3312",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. \nDIIOP by default listens on port 63148. Making continuous and unusually large connection requests to port 63148, will invoke a DIIOP session. Each such connection request will launch a new DIIOP session. Eventually this process will cause CPU utilization to spike to 100% on the target host. -----BEGIN PGP SIGNED MESSAGE-----\n\nInternet Security Systems Security Alert Summary\nMay 10, 2001\nVolume 6 Number 6\n\nX-Force Vulnerability and Threat Database: http://xforce.iss.net/ To\nreceive these Alert Summaries as well as other Alerts and Advisories,\nsubscribe to the Internet Security Systems Alert mailing list at:\nhttp://xforce.iss.net/maillists/index.php\n\nThis summary can be found at:\nhttp://xforce.iss.net/alerts/vol-6_num-6.php\n\n_____\n\nContents:\n* 120 Reported Vulnerabilities\n* Risk Factor Key\n_____\n\n\nDate Reported: 04/02/2001\nBrief Description: The Bat! masked file type in email attachment\n could allow execution of code\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: The Bat! 
1.49 and earlier\nVulnerability: thebat-masked-file-type\nX-Force URL: http://xforce.iss.net/static/6324.php\n\nDate Reported: 04/02/2001\nBrief Description: PHP-Nuke could allow attackers to redirect ad\n banner URL links\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: PHP-Nuke 4.4 and earlier\nVulnerability: php-nuke-url-redirect\nX-Force URL: http://xforce.iss.net/static/6342.php\n\nDate Reported: 04/03/2001\nBrief Description: Orinoco RG-1000 Residential Gateway default SSID\n reveals WEP encryption key\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Orinoco Residential Gateway RG-1000\nVulnerability: orinoco-rg1000-wep-key\nX-Force URL: http://xforce.iss.net/static/6328.php\n\nDate Reported: 04/03/2001\nBrief Description: Navision Financials server denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Navision Financials 2.5 and 2.6\nVulnerability: navision-server-dos\nX-Force URL: http://xforce.iss.net/static/6318.php\n\nDate Reported: 04/03/2001\nBrief Description: uStorekeeper online shopping system allows\n remote file retrieval\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: uStorekeeper 1.61\nVulnerability: ustorekeeper-retrieve-files\nX-Force URL: http://xforce.iss.net/static/6319.php\n\nDate Reported: 04/03/2001\nBrief Description: Resin server allows remote attackers to view\n Javabean files\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Resin 1.2.x, Resin 1.3b1\nVulnerability: resin-view-javabean\nX-Force URL: http://xforce.iss.net/static/6320.php\n\nDate Reported: 04/03/2001\nBrief Description: BPFTP could allow attackers to obtain login\n credentials\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: BPFTP 2.0\nVulnerability: bpftp-obtain-credentials\nX-Force URL: http://xforce.iss.net/static/6330.php\n\nDate Reported: 04/04/2001\nBrief Description: Ntpd server readvar control message buffer\n 
overflow\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6, AIX 5.1, \n Slackware Linux 7.1, Engarde Secure Linux 1.0.1,\n Progeny Linux, SuSE Linux 7.1, ntpd 4.0.99k and\n earlier, FreeBSD 4.2-Stable, Mandrake Linux\n Corporate Server 1.0.1, Mandrake Linux 7.2,\n Trustix Secure Linux, Immunix Linux 7.0, \n NetBSD 1.5, SuSE Linux 7.0, Caldera OpenLinux\n eServer 2.3.1\nVulnerability: ntpd-remote-bo\nX-Force URL: http://xforce.iss.net/static/6321.php\n\nDate Reported: 04/04/2001\nBrief Description: Cisco CSS debug mode allows users to gain\n administrative access\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Cisco Content Services Switch 11050, Cisco \n Content Services Switch 11150, Cisco Content\n Services Switch 11800\nVulnerability: cisco-css-elevate-privileges\nX-Force URL: http://xforce.iss.net/static/6322.php\n\nDate Reported: 04/04/2001\nBrief Description: BEA Tuxedo may allow access to remote services\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: BEA Tuxedo 7.1\nVulnerability: bea-tuxedo-remote-access\nX-Force URL: http://xforce.iss.net/static/6326.php\n\nDate Reported: 04/05/2001\nBrief Description: Ultimate Bulletin Board could allow attackers to\n bypass authentication\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: Ultimate Bulletin Board 5.43, Ultimate Bulletin\n Board 5.4.7e\nVulnerability: ultimatebb-bypass-authentication\nX-Force URL: http://xforce.iss.net/static/6339.php\n\nDate Reported: 04/05/2001\nBrief Description: BinTec X4000 NMAP denial of service\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: BinTec X4000 5.1.6P10 and prior, BinTec X1000,\n BinTec X1200\nVulnerability: bintec-x4000-nmap-dos\nX-Force URL: http://xforce.iss.net/static/6323.php\n\nDate Reported: 04/05/2001\nBrief Description: WatchGuard Firebox II kernel denial of service\nRisk Factor: Medium\nAttack Type: Network 
Based\nPlatforms Affected: WatchGuard Firebox II prior to 4.6\nVulnerability: firebox-kernel-dos\nX-Force URL: http://xforce.iss.net/static/6327.php\n\nDate Reported: 04/06/2001\nBrief Description: Cisco PIX denial of service due to multiple \n TACACS+ requests\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Cisco PIX Firewall 5.1.4\nVulnerability: cisco-pix-tacacs-dos\nX-Force URL: http://xforce.iss.net/static/6353.php\n\nDate Reported: 04/06/2001\nBrief Description: Darren Reed\u0027s IP Filter allows attackers to\n access UDP and TCP ports\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: IP Filter 3.4.16\nVulnerability: ipfilter-access-ports\nX-Force URL: http://xforce.iss.net/static/6331.php\n\nDate Reported: 04/06/2001\nBrief Description: Veritas NetBackup nc (netcat) command denial of\n service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: NetBackup 3.2\nVulnerability: veritas-netbackup-nc-dos\nX-Force URL: http://xforce.iss.net/static/6329.php\n\nDate Reported: 04/08/2001\nBrief Description: PGP may allow malicious users to access\n authenticated split keys\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: PGP 7.0\nVulnerability: nai-pgp-split-keys\nX-Force URL: http://xforce.iss.net/static/6341.php\n\nDate Reported: 04/09/2001\nBrief Description: Solaris kcms_configure command line buffer\n overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Solaris 7, Solaris 8\nVulnerability: solaris-kcms-command-bo\nX-Force URL: http://xforce.iss.net/static/6359.php\n\nDate Reported: 04/09/2001\nBrief Description: TalkBack CGI script could allow remote attackers\n to read files on the Web server\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: TalkBack prior to 1.2\nVulnerability: talkback-cgi-read-files\nX-Force URL: http://xforce.iss.net/static/6340.php\n\nDate Reported: 04/09/2001\nBrief Description: Multiple FTP glob(3) implementation\nRisk 
Factor: Low\nAttack Type: Network Based\nPlatforms Affected: FreeBSD 4.2, Solaris 8, IRIX 6.5.x, OpenBSD 2.8, \n HP-UX 11.00, NetBSD\nVulnerability: ftp-glob-implementation\nX-Force URL: http://xforce.iss.net/static/6333.php\n\nDate Reported: 04/09/2001\nBrief Description: Pine mail client temp file symbolic link\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: Pine prior to 4.33, Red Hat Linux 5.2, Red Hat\n Linux 6.2, Red Hat Linux 7.0\nVulnerability: pine-tmp-file-symlink\nX-Force URL: http://xforce.iss.net/static/6367.php\n\nDate Reported: 04/09/2001\nBrief Description: Multiple FTP glob(3) expansion\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: HP-UX 11.00, NetBSD, Solaris 8, IRIX 6.5.x,\n OpenBSD 2.8, FreeBSD 4.2, MIT Kerberos 5\nVulnerability: ftp-glob-expansion\nX-Force URL: http://xforce.iss.net/static/6332.php\n\nDate Reported: 04/09/2001\nBrief Description: Netscape embedded JavaScript in GIF file \n comments can be used to access remote data\nRisk Factor: Medium\nAttack Type: Host Based / Network Based\nPlatforms Affected: Netscape Communicator 4.76, Red Hat Linux 6.2,\n Debian Linux 2.2, Conectiva Linux, Red Hat Linux\n 7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta, \n Red Hat Linux 7.1\nVulnerability: netscape-javascript-access-data\nX-Force URL: http://xforce.iss.net/static/6344.php\n\nDate Reported: 04/09/2001\nBrief Description: STRIP generates weak passwords\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: STRIP 0.5 and earlier\nVulnerability: strip-weak-passwords\nX-Force URL: http://xforce.iss.net/static/6362.php\n\nDate Reported: 04/10/2001\nBrief Description: Solaris Xsun HOME environment variable buffer\n overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Solaris 7\nVulnerability: solaris-xsun-home-bo\nX-Force URL: http://xforce.iss.net/static/6343.php\n\nDate Reported: 04/10/2001\nBrief Description: Compaq Presario Active X denial of service\nRisk Factor: 
Low\nAttack Type: Network Based\nPlatforms Affected: Compaq Presario, Windows 98, Windows ME\nVulnerability: compaq-activex-dos\nX-Force URL: http://xforce.iss.net/static/6355.php\n\nDate Reported: 04/10/2001\nBrief Description: Alcatel ADSL modems \u0027EXPERT\u0027 account\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Alcatel ADSL Network Termination Device 1000,\n Alcatel Speed Touch ADSL modem Home\nVulnerability: alcatel-expert-account\nX-Force URL: http://xforce.iss.net/static/6354.php\n\nDate Reported: 04/10/2001\nBrief Description: Alcatel ADSL modems allow attacker on LAN to\n gain access using TFTP\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Alcatel ADSL Network Termination Device 1000,\n Alcatel Speed Touch ADSL modem Home\nVulnerability: alcatel-tftp-lan-access\nX-Force URL: http://xforce.iss.net/static/6336.php\n\nDate Reported: 04/10/2001\nBrief Description: Alcatel ADSL modems allow attacker on WAN to\n gain access using TFTP\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: Alcatel ADSL Network Termination Device 1000,\n Alcatel Speed Touch ADSL modem Home\nVulnerability: alcatel-tftp-wan-access\nX-Force URL: http://xforce.iss.net/static/6337.php\n\nDate Reported: 04/10/2001\nBrief Description: Oracle Application Server shared library\n (ndwfn4.so) buffer overflow\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: iPlanet Web Server 4.x, Oracle Application\n Server 4.0.8.2\nVulnerability: oracle-appserver-ndwfn4-bo\nX-Force URL: http://xforce.iss.net/static/6334.php\n\nDate Reported: 04/10/2001\nBrief Description: Alcatel ADSL modems use blank password by\n default\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Alcatel ADSL Network Termination Device 1000,\n Alcatel Speed Touch ADSL modem Home\nVulnerability: alcatel-blank-password\nX-Force URL: http://xforce.iss.net/static/6335.php\n\nDate Reported: 
04/11/2001\nBrief Description: Solaris dtsession buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Solaris 7\nVulnerability: solaris-dtsession-bo\nX-Force URL: http://xforce.iss.net/static/6366.php\n\nDate Reported: 04/11/2001\nBrief Description: Solaris kcsSUNWIOsolf.so buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Solaris 7, Solaris 8\nVulnerability: solaris-kcssunwiosolf-bo\nX-Force URL: http://xforce.iss.net/static/6365.php\n\nDate Reported: 04/11/2001\nBrief Description: Lightwave ConsoleServer brute force password\n attack\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: Lightwave ConsoleServer 3200\nVulnerability: lightwave-consoleserver-brute-force\nX-Force URL: http://xforce.iss.net/static/6345.php\n\nDate Reported: 04/11/2001\nBrief Description: nph-maillist allows user to execute code\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Email List Generator 3.5 and earlier\nVulnerability: nph-maillist-execute-code\nX-Force URL: http://xforce.iss.net/static/6363.php\n\nDate Reported: 04/11/2001\nBrief Description: Symantec Ghost Configuration Server denial of\n service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Ghost 6.5\nVulnerability: ghost-configuration-server-dos\nX-Force URL: http://xforce.iss.net/static/6357.php\n\nDate Reported: 04/11/2001\nBrief Description: Lotus Domino Web Server DOS device denial of\n service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Lotus Domino R5 prior to 5.0.7\nVulnerability: lotus-domino-device-dos\nX-Force URL: http://xforce.iss.net/static/6348.php\n\nDate Reported: 04/11/2001\nBrief Description: Lotus Domino Web Server HTTP header denial of\n service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Lotus Domino R5 prior to 5.0.7\nVulnerability: lotus-domino-header-dos\nX-Force URL: http://xforce.iss.net/static/6347.php\n\nDate Reported: 04/11/2001\nBrief 
Description: Lotus Domino Web Server URL parsing denial of\n service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Lotus Domino R5 prior to 5.0.7\nVulnerability: lotus-domino-url-dos\nX-Force URL: http://xforce.iss.net/static/6351.php\n\nDate Reported: 04/11/2001\nBrief Description: Lotus Domino Web Server CORBA denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Lotus Domino R5 prior to 5.0.7\nVulnerability: lotus-domino-corba-dos\nX-Force URL: http://xforce.iss.net/static/6350.php\n\nDate Reported: 04/11/2001\nBrief Description: Symantec Ghost database engine denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Ghost 6.5, Sybase Adaptive Server Database\n Engine 6.0.3.2747\nVulnerability: ghost-database-engine-dos\nX-Force URL: http://xforce.iss.net/static/6356.php\n\nDate Reported: 04/11/2001\nBrief Description: cfingerd daemon remote format string\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: Debian Linux 2.1, Debian Linux 2.2, cfingerd\n 1.4.3 and earlier\nVulnerability: cfingerd-remote-format-string\nX-Force URL: http://xforce.iss.net/static/6364.php\n\nDate Reported: 04/11/2001\nBrief Description: Lotus Domino Web Server Unicode denial of\n service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Lotus Domino R5 prior to 5.0.7\nVulnerability: lotus-domino-unicode-dos\nX-Force URL: http://xforce.iss.net/static/6349.php\n\nDate Reported: 04/11/2001\nBrief Description: Linux mkpasswd generates weak passwords\nRisk Factor: High\nAttack Type: Host Based\nPlatforms Affected: Red Hat Linux 6.2, Red Hat Linux 7.0, mkpasswd \nVulnerability: mkpasswd-weak-passwords\nX-Force URL: http://xforce.iss.net/static/6382.php\n\nDate Reported: 04/12/2001\nBrief Description: Solaris ipcs utility buffer overflow\nRisk Factor: Medium\nAttack Type: Host Based / Network Based\nPlatforms Affected: Solaris 7\nVulnerability: solaris-ipcs-bo\nX-Force 
URL: http://xforce.iss.net/static/6369.php\n\nDate Reported: 04/12/2001\nBrief Description: InterScan VirusWall ISADMIN service buffer \n overflow\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: Linux kernel , InterScan VirusWall 3.0.1\nVulnerability: interscan-viruswall-isadmin-bo\nX-Force URL: http://xforce.iss.net/static/6368.php\n\nDate Reported: 04/12/2001\nBrief Description: HylaFAX hfaxd format string\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: HylaFAX 4.1B3 and prior, SuSE Linux 6.x, SuSE\n Linux 7.0, Mandrake Linux 7.1, FreeBSD 3.5.1,\n Mandrake Linux 7.2, Mandrake Linux Corporate\n Server 1.0.1, FreeBSD 4.2, SuSE Linux 7.1 \nVulnerability: hylafax-hfaxd-format-string\nX-Force URL: http://xforce.iss.net/static/6377.php\n\nDate Reported: 04/12/2001\nBrief Description: Cisco VPN 3000 Concentrators invalid IP Option\n denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Cisco VPN 3000 Concentrators prior to 2.5.2 F\nVulnerability: cisco-vpn-ip-dos\nX-Force URL: http://xforce.iss.net/static/6360.php\n\nDate Reported: 04/13/2001\nBrief Description: Net.Commerce package in IBM WebSphere reveals\n installation path\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: IBM Websphere, Solaris 2.6, AIX 4.3.x, Solaris\n 7, Windows NT 4.0\nVulnerability: ibm-websphere-reveals-path\nX-Force URL: http://xforce.iss.net/static/6371.php\n\nDate Reported: 04/13/2001\nBrief Description: QPC ftpd buffer overflow\nRisk Factor: Medium\nAttack Type: Host Based / Network Based\nPlatforms Affected: QVT/Term 5.0, QVT/Net 5.0\nVulnerability: qpc-ftpd-bo\nX-Force URL: http://xforce.iss.net/static/6376.php\n\nDate Reported: 04/13/2001\nBrief Description: QPC ftpd directory traversal\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: QVT/Net 5.0, QVT/Term 5.0\nVulnerability: qpc-ftpd-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6375.php\n\nDate 
Reported: 04/13/2001\nBrief Description: QPC popd buffer overflow\nRisk Factor: Medium\nAttack Type: Host Based / Network Based\nPlatforms Affected: QVT/Net 5.0\nVulnerability: qpc-popd-bo\nX-Force URL: http://xforce.iss.net/static/6374.php\n\nDate Reported: 04/13/2001\nBrief Description: NCM Content Management System access database\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: NCM Content Management System\nVulnerability: ncm-content-database-access\nX-Force URL: http://xforce.iss.net/static/6386.php\n\nDate Reported: 04/13/2001\nBrief Description: Netscape SmartDownload \u0027sdph20.dll\u0027 buffer overflow\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Netscape SmartDownload 1.3, Windows NT, Windows\n 95, Windows 98\nVulnerability: netscape-smartdownload-sdph20-bo\nX-Force URL: http://xforce.iss.net/static/6403.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer accept buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-accept-bo\nX-Force URL: http://xforce.iss.net/static/6404.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer cancel buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-cancel-bo\nX-Force URL: http://xforce.iss.net/static/6406.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer disable buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-disable-bo\nX-Force URL: http://xforce.iss.net/static/6407.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer enable buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-enable-bo\nX-Force URL: http://xforce.iss.net/static/6409.php\n\nDate 
Reported: 04/13/2001\nBrief Description: SCO OpenServer lp buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-lp-bo\nX-Force URL: http://xforce.iss.net/static/6410.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer lpfilter buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-lpfilter-bo\nX-Force URL: http://xforce.iss.net/static/6411.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer lpstat buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-lpstat-bo\nX-Force URL: http://xforce.iss.net/static/6413.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer reject buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-reject-bo\nX-Force URL: http://xforce.iss.net/static/6414.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer rmail buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-rmail-bo\nX-Force URL: http://xforce.iss.net/static/6415.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO OpenServer tput buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-tput-bo\nX-Force URL: http://xforce.iss.net/static/6416.php\n\nDate Reported: 04/13/2001\nBrief Description: IBM WebSphere CGI macro denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: IBM Websphere, Windows NT 4.0, Solaris 2.6, AIX\n 4.3.x, Solaris 7\nVulnerability: ibm-websphere-macro-dos\nX-Force URL: http://xforce.iss.net/static/6372.php\n\nDate Reported: 04/13/2001\nBrief Description: SCO 
OpenServer lpmove buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: SCO Openserver 5.0.0 to 5.0.6\nVulnerability: sco-openserver-lpmove-bo\nX-Force URL: http://xforce.iss.net/static/6412.php\n\nDate Reported: 04/14/2001\nBrief Description: Siemens Reliant Unix ppd -T symlink\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: Reliant Unix 5.45, Reliant Unix 5.43, Reliant\n Unix 5.44\nVulnerability: reliant-unix-ppd-symlink\nX-Force URL: http://xforce.iss.net/static/6408.php\n\nDate Reported: 04/15/2001\nBrief Description: Linux Exuberant Ctags package symbolic link\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: Debian Linux 2.2, exuberant-ctags\nVulnerability: exuberant-ctags-symlink\nX-Force URL: http://xforce.iss.net/static/6388.php\n\nDate Reported: 04/15/2001\nBrief Description: processit.pl CGI could allow attackers to view\n sensitive information about the Web server\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: processit.pl\nVulnerability: processit-cgi-view-info\nX-Force URL: http://xforce.iss.net/static/6385.php\n\nDate Reported: 04/16/2001\nBrief Description: Microsoft ISA Server Web Proxy denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Microsoft ISA Server 2000\nVulnerability: isa-web-proxy-dos\nX-Force URL: http://xforce.iss.net/static/6383.php\n\nDate Reported: 04/16/2001\nBrief Description: Microsoft Internet Explorer altering CLSID\n action allows malicious file execution\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Windows 2000, Internet Explorer 5.5, Windows 98 \nVulnerability: ie-clsid-execute-files\nX-Force URL: http://xforce.iss.net/static/6426.php\n\nDate Reported: 04/16/2001\nBrief Description: Cisco Catalyst 5000 series switch 802.1x denial\n of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Cisco Catalyst 5000 Series\nVulnerability: cisco-catalyst-8021x-dos\nX-Force 
URL: http://xforce.iss.net/static/6379.php\n\nDate Reported: 04/16/2001\nBrief Description: BubbleMon allows users to gain elevated \n privileges\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: BubbleMon prior to 1.32, FreeBSD\nVulnerability: bubblemon-elevate-privileges\nX-Force URL: http://xforce.iss.net/static/6378.php\n\nDate Reported: 04/16/2001\nBrief Description: DCForum CGI az= field directory traversal\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: DCForum 2000 1.0\nVulnerability: dcforum-az-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6391.php\n\nDate Reported: 04/16/2001\nBrief Description: DCForum CGI az= field allows attacker to upload\n files\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: DCForum 2000 1.0\nVulnerability: dcforum-az-file-upload\nX-Force URL: http://xforce.iss.net/static/6393.php\n\nDate Reported: 04/16/2001\nBrief Description: DCForum CGI az= field EXPR allows attacker to\n execute commands\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: DCForum 2000 1.0\nVulnerability: dcforum-az-expr\nX-Force URL: http://xforce.iss.net/static/6392.php\n\nDate Reported: 04/16/2001\nBrief Description: Linux NetFilter IPTables\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: Linux kernel 2.4, Red Hat Linux 7.1\nVulnerability: linux-netfilter-iptables\nX-Force URL: http://xforce.iss.net/static/6390.php\n\nDate Reported: 04/17/2001\nBrief Description: Xitami Web server denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Xitami Web server 2.4d7, Xitami Web server 2.5b4\nVulnerability: xitami-server-dos\nX-Force URL: http://xforce.iss.net/static/6389.php\n\nDate Reported: 04/17/2001\nBrief Description: Samba tmpfile symlink attack could allow\n elevated privileges\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Trustix Secure Linux 1.2, Mandrake Linux 8.0,\n Progeny Linux, Caldera OpenLinux 
eBuilder,\n Trustix Secure Linux 1.01, Mandrake Linux \n Corporate Server 1.0.1, FreeBSD 4.2, Immunix\n Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0\n Beta, Caldera OpenLinux eServer 2.3.1, Caldera\n OpenLinux eDesktop 2.4, FreeBSD 3.5.1\nVulnerability: samba-tmpfile-symlink\nX-Force URL: http://xforce.iss.net/static/6396.php\n\nDate Reported: 04/17/2001\nBrief Description: GoAhead WebServer \"aux\" denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: GoAhead Web Server 2.1, Windows 98, Windows ME\nVulnerability: goahead-aux-dos\nX-Force URL: http://xforce.iss.net/static/6400.php\n\nDate Reported: 04/17/2001\nBrief Description: AnalogX SimpleServer:WWW \"aux\" denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: SimpleServer:WWW 1.03 to 1.08\nVulnerability: analogx-simpleserver-aux-dos\nX-Force URL: http://xforce.iss.net/static/6395.php\n\nDate Reported: 04/17/2001\nBrief Description: Viking Server hexadecimal URL encoded format\n directory traversal\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Viking Server prior to 1.07-381\nVulnerability: viking-hex-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6394.php\n\nDate Reported: 04/17/2001\nBrief Description: Solaris FTP server allows attacker to recover\n shadow file\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: Solaris 2.6\nVulnerability: solaris-ftp-shadow-recovery\nX-Force URL: http://xforce.iss.net/static/6422.php\n\nDate Reported: 04/18/2001\nBrief Description: The Bat! pop3 denial of service\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: The Bat! 
1.51, Windows\nVulnerability: thebat-pop3-dos\nX-Force URL: http://xforce.iss.net/static/6423.php\n\nDate Reported: 04/18/2001\nBrief Description: Eudora allows attacker to obtain files using\n plain text attachments\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Eudora 5.0.2\nVulnerability: eudora-plain-text-attachment\nX-Force URL: http://xforce.iss.net/static/6431.php\n\nDate Reported: 04/18/2001\nBrief Description: VMware vmware-mount.pl symlink\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: VMware\nVulnerability: vmware-mount-symlink\nX-Force URL: http://xforce.iss.net/static/6420.php\n\nDate Reported: 04/18/2001\nBrief Description: KFM tmpfile symbolic link could allow local\n attackers to overwrite files\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: SuSE Linux 7.0, K File Manager (KFM)\nVulnerability: kfm-tmpfile-symlink\nX-Force URL: http://xforce.iss.net/static/6428.php\n\nDate Reported: 04/18/2001\nBrief Description: CyberScheduler timezone remote buffer overflow\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: CyberScheduler, Mandrake Linux, Windows 2000,\n IIS 5.0, Solaris 8, SuSE Linux, Solaris 7, \n Slackware Linux, Red Hat Linux, IIS 4.0, Debian\n Linux, Solaris 2.5, Solaris 2.6, Caldera \n OpenLinux, Windows NT\nVulnerability: cyberscheduler-timezone-bo\nX-Force URL: http://xforce.iss.net/static/6401.php\n\nDate Reported: 04/18/2001\nBrief Description: Microsoft Data Access Component Internet\n Publishing Provider allows WebDAV access\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Microsoft Data Access Component 8.103.2519.0,\n Windows 95, Windows NT 4.0, Windows 98, Windows\n 98 Second Edition, Windows 2000, Windows ME \nVulnerability: ms-dacipp-webdav-access\nX-Force URL: http://xforce.iss.net/static/6405.php\n\nDate Reported: 04/18/2001\nBrief Description: Oracle tnslsnr80.exe denial of service\nRisk Factor: Medium\nAttack Type: Network 
Based\nPlatforms Affected: Oracle 8.x, Windows NT 4.0 SP6, Solaris 8\nVulnerability: oracle-tnslsnr80-dos\nX-Force URL: http://xforce.iss.net/static/6427.php\n\nDate Reported: 04/18/2001\nBrief Description: innfeed -c flag buffer overflow\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Red Hat Linux, Slackware Linux, Mandrake Linux,\n INN prior to 2.3.1\nVulnerability: innfeed-c-bo\nX-Force URL: http://xforce.iss.net/static/6398.php\n\nDate Reported: 04/18/2001\nBrief Description: iPlanet Calendar Server stores username and\n password in plaintext\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: iPlanet Calendar Server 5.0p2\nVulnerability: iplanet-calendar-plaintext-password\nX-Force URL: http://xforce.iss.net/static/6402.php\n\nDate Reported: 04/18/2001\nBrief Description: Linux NEdit symlink when printing\nRisk Factor: High\nAttack Type: Host Based\nPlatforms Affected: SuSE Linux 6.3, SuSE Linux 6.4, Debian Linux\n 2.2, Mandrake Linux 7.1, Mandrake Linux 7.2,\n SuSE Linux 7.0, Mandrake Linux Corporate Server\n 1.0.1, SuSE Linux 7.1, Mandrake Linux 8.0\nVulnerability: nedit-print-symlink\nX-Force URL: http://xforce.iss.net/static/6424.php\n\nDate Reported: 04/19/2001\nBrief Description: CheckBO TCP buffer overflow\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: CheckBO 1.56 and earlier\nVulnerability: checkbo-tcp-bo\nX-Force URL: http://xforce.iss.net/static/6436.php\n\nDate Reported: 04/19/2001\nBrief Description: HP-UX pcltotiff uses insecure permissions\nRisk Factor: Medium\nAttack Type: Host Based\nPlatforms Affected: HP-UX 10.01, HP-UX 10.10, HP-UX 10.20, \n HP-UX 10.26\nVulnerability: hp-pcltotiff-insecure-permissions\nX-Force URL: http://xforce.iss.net/static/6447.php\n\nDate Reported: 04/19/2001\nBrief Description: Netopia Timbuktu allows unauthorized system\n access\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Timbuktu Pro, Macintosh OS X\nVulnerability: 
netopia-timbuktu-gain-access\nX-Force URL: http://xforce.iss.net/static/6452.php\n\nDate Reported: 04/20/2001\nBrief Description: Cisco CBOS could allow attackers to gain \n privileged information\nRisk Factor: High\nAttack Type: Host Based / Network Based\nPlatforms Affected: Cisco CBOS 2.4.1, Cisco CBOS 2.3.053\nVulnerability: cisco-cbos-gain-information\nX-Force URL: http://xforce.iss.net/static/6453.php\n\nDate Reported: 04/20/2001\nBrief Description: Internet Explorer 5.x allows active scripts \n using XML stylesheets\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Internet Explorer 5.x, Outlook Express 5.x\nVulnerability: ie-xml-stylesheets-scripting\nX-Force URL: http://xforce.iss.net/static/6448.php\n\nDate Reported: 04/20/2001\nBrief Description: Linux gftp format string\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: gftp prior to 2.0.8, Mandrake Linux 8.0, \n Mandrake Linux Corporate Server 1.0.1, Immunix\n Linux 7.0, Red Hat Linux 7.1, Mandrake Linux\n 7.2, Immunix Linux 6.2, Immunix 7.0 beta, \n Red Hat Linux 6.2, Mandrake Linux 7.1, Red Hat\n Linux 7.0\nVulnerability: gftp-format-string\nX-Force URL: http://xforce.iss.net/static/6478.php\n\nDate Reported: 04/20/2001\nBrief Description: Novell BorderManager VPN client SYN requests \n denial of service\nRisk Factor: Medium\nAttack Type: Host Based / Network Based\nPlatforms Affected: Novell BorderManager 3.5\nVulnerability: bordermanager-vpn-syn-dos\nX-Force URL: http://xforce.iss.net/static/6429.php\n\nDate Reported: 04/20/2001\nBrief Description: SAFT sendfiled could allow the execution of\n arbitrary code\nRisk Factor: Low\nAttack Type: Host Based\nPlatforms Affected: Debian Linux 2.2, Progeny Linux, sendfile\nVulnerability: saft-sendfiled-execute-code\nX-Force URL: http://xforce.iss.net/static/6430.php\n\nDate Reported: 04/21/2001\nBrief Description: Mercury MTA for Novell Netware buffer overflow\nRisk Factor: Medium\nAttack Type: Network 
Based\nPlatforms Affected: Mercury MTA 1.47 and earlier, Novell NetWare\nVulnerability: mercury-mta-bo\nX-Force URL: http://xforce.iss.net/static/6444.php\n\nDate Reported: 04/21/2001\nBrief Description: QNX allows attacker to read files on FAT \n partition\nRisk Factor: High\nAttack Type: Host Based / Network Based\nPlatforms Affected: QNX 2.4\nVulnerability: qnx-fat-file-read\nX-Force URL: http://xforce.iss.net/static/6437.php\n\nDate Reported: 04/23/2001\nBrief Description: Viking Server \"dot dot\" (\\...\\) directory\n traversal\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Viking Server 1.0.7\nVulnerability: viking-dot-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6450.php\n\nDate Reported: 04/24/2001\nBrief Description: NetCruiser Web Server could reveal directory\n path\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: NetCruiser Web Server 0.1.2.8\nVulnerability: netcruiser-server-path-disclosure\nX-Force URL: http://xforce.iss.net/static/6468.php\n\nDate Reported: 04/24/2001\nBrief Description: Perl Web Server directory traversal\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Perl Web Server 0.3 and prior\nVulnerability: perl-webserver-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6451.php\n\nDate Reported: 04/24/2001\nBrief Description: Small HTTP Server /aux denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Small HTTP Server 2.03\nVulnerability: small-http-aux-dos\nX-Force URL: http://xforce.iss.net/static/6446.php\n\nDate Reported: 04/24/2001\nBrief Description: IPSwitch IMail SMTP daemon mailing list handler\n buffer overflow\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: IPSwitch Imail 6.06 and earlier\nVulnerability: ipswitch-imail-smtp-bo\nX-Force URL: http://xforce.iss.net/static/6445.php\n\nDate Reported: 04/25/2001\nBrief Description: MIT Kerberos 5 could allow attacker to gain root\n access 
by injecting base64-encoded data\nRisk Factor: Low\nAttack Type: Network Based\nPlatforms Affected: MIT Kerberos 5\nVulnerability: kerberos-inject-base64-encode\nX-Force URL: http://xforce.iss.net/static/6454.php\n\nDate Reported: 04/26/2001\nBrief Description: IRIX netprint -n allows attacker to access\n shared library\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: IRIX 6.x\nVulnerability: irix-netprint-shared-library\nX-Force URL: http://xforce.iss.net/static/6473.php\n\nDate Reported: 04/26/2001\nBrief Description: WebXQ \"dot dot\" directory traversal\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: Windows, WebXQ 2.1.204\nVulnerability: webxq-dot-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6466.php\n\nDate Reported: 04/26/2001\nBrief Description: RaidenFTPD \"dot dot\" directory traversal\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Windows NT 4.0, Windows 2000, RaidenFTPD 2.1\nVulnerability: raidenftpd-dot-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6455.php\n\nDate Reported: 04/27/2001\nBrief Description: PerlCal CGI cal_make.pl script directory\n traversal\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: Unix, PerlCal 2.95 and prior\nVulnerability: perlcal-calmake-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6480.php\n\nDate Reported: 04/28/2001\nBrief Description: ICQ Web Front plugin denial of service\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: ICQ Web Front, ICQ 2000b 3278 and earlier\nVulnerability: icq-webfront-dos\nX-Force URL: http://xforce.iss.net/static/6474.php\n\nDate Reported: 04/28/2001\nBrief Description: Alex FTP Server \"dot dot\" directory traversal\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: Alex\u0027s FTP Server 0.7\nVulnerability: alex-ftp-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6475.php\n\nDate Reported: 
04/28/2001\nBrief Description: BRS WebWeaver FTP path disclosure\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: BRS WebWeaver 0.63\nVulnerability: webweaver-ftp-path-disclosure\nX-Force URL: http://xforce.iss.net/static/6477.php\n\nDate Reported: 04/28/2001\nBrief Description: BRS WebWeaver Web server \"dot dot\" directory\n traversal\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: BRS WebWeaver 0.63\nVulnerability: webweaver-web-directory-traversal\nX-Force URL: http://xforce.iss.net/static/6476.php\n\nDate Reported: 04/29/2001\nBrief Description: Winamp AIP buffer overflow\nRisk Factor: Low\nAttack Type: Host Based / Network Based\nPlatforms Affected: Winamp 2.6x and 2.7x\nVulnerability: winamp-aip-bo\nX-Force URL: http://xforce.iss.net/static/6479.php\n\nDate Reported: 04/29/2001\nBrief Description: BearShare \"dot dot\" allows remote attacker to traverse\n directories and download any file\nRisk Factor: Medium\nAttack Type: Network Based\nPlatforms Affected: BearShare 2.2.2 and prior, Windows 95, Windows\n 98, Windows ME\nVulnerability: bearshare-dot-download-files\nX-Force URL: http://xforce.iss.net/static/6481.php\n\nDate Reported: 05/01/2001\nBrief Description: IIS 5.0 ISAPI extension buffer overflow\nRisk Factor: High\nAttack Type: Network Based\nPlatforms Affected: IIS 5.0, Windows 2000 Server, Windows 2000\n Advanced Server, Windows 2000 Datacenter Server\nVulnerability: iis-isapi-bo\nX-Force URL: http://xforce.iss.net/static/6485.php\n\n_____\n\nRisk Factor Key:\n\n High Any vulnerability that provides an attacker with immediate\n access into a machine, gains superuser access, or bypasses\n a firewall. Example: A vulnerable Sendmail 8.6.5 version\n that allows an intruder to execute commands on mail\n server. \n Medium Any vulnerability that provides information that has a\n high potential of giving system access to an intruder. 
\n Example: A misconfigured TFTP or vulnerable NIS server\n that allows an intruder to get the password file that\n could contain an account with a guessable password. \n Low Any vulnerability that provides information that\n potentially could lead to a compromise. Example: A\n finger that allows an intruder to find out who is online\n and potential accounts to attempt to crack passwords\n via brute force methods. \n\n________\n\n\nAbout Internet Security Systems (ISS) \n\nInternet Security Systems is a leading global provider of security\nmanagement solutions for the Internet, protecting digital assets and\nensuring safe and uninterrupted e-business. With its industry-leading\nintrusion detection and vulnerability assessment software, remote managed\nsecurity services, and strategic consulting and education offerings, ISS\nis a trusted security provider to more than 8,000 customers worldwide\nincluding 21 of the 25 largest U.S. commercial banks and the top 10 U.S. \ntelecommunications companies. Founded in 1994, ISS is headquartered in\nAtlanta, GA, with additional offices throughout North America and\ninternational operations in Asia, Australia, Europe, Latin America and the\nMiddle East. For more information, visit the Internet Security Systems\nweb site at www.iss.net or call 888-901-7477. \n\nCopyright (c) 2001 by Internet Security Systems, Inc. \n\nPermission is hereby granted for the redistribution of this Alert\nelectronically. It is not to be edited in any way without express consent\nof the X-Force. If you wish to reprint the whole or any part of this Alert\nin any other medium excluding electronic medium, please e-mail\nxforce@iss.net for permission. \n\nDisclaimer\n\nThe information within this paper may change without notice. Use of this\ninformation constitutes acceptance for use in an AS IS condition. There\nare NO warranties with regard to this information. 
In no event shall the\nauthor be liable for any damages whatsoever arising out of or in\nconnection with the use or spread of this information. Any use of this\ninformation is at the user\u0027s own risk. \n\n\n\nX-Force PGP Key available at: http://xforce.iss.net/sensitive.php as \nwell as on MIT\u0027s PGP key server and PGP.com\u0027s key server. \n\nPlease send suggestions, updates, and comments to: X-Force xforce@iss.net\nof Internet Security Systems, Inc. \n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0494"
},
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "BID",
"id": "2599"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "PACKETSTORM",
"id": "24836"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "OSVDB",
"id": "5610",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2001-0494",
"trust": 1.7
},
{
"db": "BID",
"id": "2599",
"trust": 1.1
},
{
"db": "XF",
"id": "6349",
"trust": 0.9
},
{
"db": "XF",
"id": "6347",
"trust": 0.9
},
{
"db": "XF",
"id": "6350",
"trust": 0.9
},
{
"db": "BID",
"id": "2571",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#676552",
"trust": 0.8
},
{
"db": "BID",
"id": "2565",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#601312",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#555464",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136",
"trust": 0.7
},
{
"db": "XF",
"id": "6445",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20010424 IPSWITCH IMAIL 6.06 SMTP REMOTE SYSTEM ACCESS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-3312",
"trust": 0.1
},
{
"db": "XF",
"id": "6382",
"trust": 0.1
},
{
"db": "XF",
"id": "6475",
"trust": 0.1
},
{
"db": "XF",
"id": "6343",
"trust": 0.1
},
{
"db": "XF",
"id": "6386",
"trust": 0.1
},
{
"db": "XF",
"id": "6328",
"trust": 0.1
},
{
"db": "XF",
"id": "6333",
"trust": 0.1
},
{
"db": "XF",
"id": "6334",
"trust": 0.1
},
{
"db": "XF",
"id": "6376",
"trust": 0.1
},
{
"db": "XF",
"id": "6345",
"trust": 0.1
},
{
"db": "XF",
"id": "6422",
"trust": 0.1
},
{
"db": "XF",
"id": "6322",
"trust": 0.1
},
{
"db": "XF",
"id": "6378",
"trust": 0.1
},
{
"db": "XF",
"id": "6342",
"trust": 0.1
},
{
"db": "XF",
"id": "6453",
"trust": 0.1
},
{
"db": "XF",
"id": "6405",
"trust": 0.1
},
{
"db": "XF",
"id": "6321",
"trust": 0.1
},
{
"db": "XF",
"id": "6377",
"trust": 0.1
},
{
"db": "XF",
"id": "6428",
"trust": 0.1
},
{
"db": "XF",
"id": "6450",
"trust": 0.1
},
{
"db": "XF",
"id": "6332",
"trust": 0.1
},
{
"db": "XF",
"id": "6410",
"trust": 0.1
},
{
"db": "XF",
"id": "6478",
"trust": 0.1
},
{
"db": "XF",
"id": "6359",
"trust": 0.1
},
{
"db": "XF",
"id": "6485",
"trust": 0.1
},
{
"db": "XF",
"id": "6414",
"trust": 0.1
},
{
"db": "XF",
"id": "6371",
"trust": 0.1
},
{
"db": "XF",
"id": "6477",
"trust": 0.1
},
{
"db": "XF",
"id": "6395",
"trust": 0.1
},
{
"db": "XF",
"id": "6394",
"trust": 0.1
},
{
"db": "XF",
"id": "6353",
"trust": 0.1
},
{
"db": "XF",
"id": "6466",
"trust": 0.1
},
{
"db": "XF",
"id": "6481",
"trust": 0.1
},
{
"db": "XF",
"id": "6329",
"trust": 0.1
},
{
"db": "XF",
"id": "6372",
"trust": 0.1
},
{
"db": "XF",
"id": "6348",
"trust": 0.1
},
{
"db": "XF",
"id": "6437",
"trust": 0.1
},
{
"db": "XF",
"id": "6367",
"trust": 0.1
},
{
"db": "XF",
"id": "6411",
"trust": 0.1
},
{
"db": "XF",
"id": "6452",
"trust": 0.1
},
{
"db": "XF",
"id": "6354",
"trust": 0.1
},
{
"db": "XF",
"id": "6344",
"trust": 0.1
},
{
"db": "XF",
"id": "6356",
"trust": 0.1
},
{
"db": "XF",
"id": "6420",
"trust": 0.1
},
{
"db": "XF",
"id": "6424",
"trust": 0.1
},
{
"db": "XF",
"id": "6365",
"trust": 0.1
},
{
"db": "XF",
"id": "6415",
"trust": 0.1
},
{
"db": "XF",
"id": "6416",
"trust": 0.1
},
{
"db": "XF",
"id": "6412",
"trust": 0.1
},
{
"db": "XF",
"id": "6391",
"trust": 0.1
},
{
"db": "XF",
"id": "6447",
"trust": 0.1
},
{
"db": "XF",
"id": "6362",
"trust": 0.1
},
{
"db": "XF",
"id": "6408",
"trust": 0.1
},
{
"db": "XF",
"id": "6331",
"trust": 0.1
},
{
"db": "XF",
"id": "6431",
"trust": 0.1
},
{
"db": "XF",
"id": "6479",
"trust": 0.1
},
{
"db": "XF",
"id": "6429",
"trust": 0.1
},
{
"db": "XF",
"id": "6392",
"trust": 0.1
},
{
"db": "XF",
"id": "6396",
"trust": 0.1
},
{
"db": "XF",
"id": "6480",
"trust": 0.1
},
{
"db": "XF",
"id": "6351",
"trust": 0.1
},
{
"db": "XF",
"id": "6468",
"trust": 0.1
},
{
"db": "XF",
"id": "6366",
"trust": 0.1
},
{
"db": "XF",
"id": "6327",
"trust": 0.1
},
{
"db": "XF",
"id": "6474",
"trust": 0.1
},
{
"db": "XF",
"id": "6319",
"trust": 0.1
},
{
"db": "XF",
"id": "6403",
"trust": 0.1
},
{
"db": "XF",
"id": "6413",
"trust": 0.1
},
{
"db": "XF",
"id": "6388",
"trust": 0.1
},
{
"db": "XF",
"id": "6363",
"trust": 0.1
},
{
"db": "XF",
"id": "6454",
"trust": 0.1
},
{
"db": "XF",
"id": "6364",
"trust": 0.1
},
{
"db": "XF",
"id": "6400",
"trust": 0.1
},
{
"db": "XF",
"id": "6339",
"trust": 0.1
},
{
"db": "XF",
"id": "6455",
"trust": 0.1
},
{
"db": "XF",
"id": "6341",
"trust": 0.1
},
{
"db": "XF",
"id": "6318",
"trust": 0.1
},
{
"db": "XF",
"id": "6436",
"trust": 0.1
},
{
"db": "XF",
"id": "6448",
"trust": 0.1
},
{
"db": "XF",
"id": "6320",
"trust": 0.1
},
{
"db": "XF",
"id": "6385",
"trust": 0.1
},
{
"db": "XF",
"id": "6379",
"trust": 0.1
},
{
"db": "XF",
"id": "6402",
"trust": 0.1
},
{
"db": "XF",
"id": "6426",
"trust": 0.1
},
{
"db": "XF",
"id": "6323",
"trust": 0.1
},
{
"db": "XF",
"id": "6369",
"trust": 0.1
},
{
"db": "XF",
"id": "6336",
"trust": 0.1
},
{
"db": "XF",
"id": "6427",
"trust": 0.1
},
{
"db": "XF",
"id": "6446",
"trust": 0.1
},
{
"db": "XF",
"id": "6368",
"trust": 0.1
},
{
"db": "XF",
"id": "6389",
"trust": 0.1
},
{
"db": "XF",
"id": "6357",
"trust": 0.1
},
{
"db": "XF",
"id": "6476",
"trust": 0.1
},
{
"db": "XF",
"id": "6401",
"trust": 0.1
},
{
"db": "XF",
"id": "6326",
"trust": 0.1
},
{
"db": "XF",
"id": "6340",
"trust": 0.1
},
{
"db": "XF",
"id": "6337",
"trust": 0.1
},
{
"db": "XF",
"id": "6473",
"trust": 0.1
},
{
"db": "XF",
"id": "6375",
"trust": 0.1
},
{
"db": "XF",
"id": "6409",
"trust": 0.1
},
{
"db": "XF",
"id": "6390",
"trust": 0.1
},
{
"db": "XF",
"id": "6335",
"trust": 0.1
},
{
"db": "XF",
"id": "6393",
"trust": 0.1
},
{
"db": "XF",
"id": "6423",
"trust": 0.1
},
{
"db": "XF",
"id": "6324",
"trust": 0.1
},
{
"db": "XF",
"id": "6404",
"trust": 0.1
},
{
"db": "XF",
"id": "6360",
"trust": 0.1
},
{
"db": "XF",
"id": "6398",
"trust": 0.1
},
{
"db": "XF",
"id": "6430",
"trust": 0.1
},
{
"db": "XF",
"id": "6406",
"trust": 0.1
},
{
"db": "XF",
"id": "6444",
"trust": 0.1
},
{
"db": "XF",
"id": "6330",
"trust": 0.1
},
{
"db": "XF",
"id": "6355",
"trust": 0.1
},
{
"db": "XF",
"id": "6407",
"trust": 0.1
},
{
"db": "XF",
"id": "6374",
"trust": 0.1
},
{
"db": "XF",
"id": "6383",
"trust": 0.1
},
{
"db": "XF",
"id": "6451",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "24836",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "BID",
"id": "2599"
},
{
"db": "PACKETSTORM",
"id": "24836"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"id": "VAR-200106-0149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3312"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T22:12:27.521000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/advisories/3208"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0433.html"
},
{
"trust": 1.7,
"url": "http://ipswitch.com/support/imail/news.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/5610"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6445"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/6349.php"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/6347.php"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/6350.php"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2571"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2565"
},
{
"trust": 0.8,
"url": "http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c?openview\u0026start=3.111\u0026count=30\u0026expand=3.126#3.126"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2599"
},
{
"trust": 0.8,
"url": "http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c/59719a1dd92c03e385256a4d0073766b?opendocument"
},
{
"trust": 0.7,
"url": "http://xforce.iss.net/static/6445.php"
},
{
"trust": 0.3,
"url": "http://www.lotus.com/home.nsf/welcome/domino"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6323.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6330.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6392.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6444.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6455.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6468.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6452.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6423.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6327.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6395.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6485.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6402.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6362.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6366.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6336.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6451.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6334.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6406.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6427.php"
},
{
"trust": 0.1,
"url": "https://www.iss.net"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6351.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6343.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6326.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6319.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6344.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6398.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6428.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6353.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6356.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6390.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6450.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6446.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6368.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6332.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6359.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6376.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6354.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6378.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6374.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6394.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6383.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6411.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6414.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6481.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6365.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6382.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6403.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6324.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6329.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6437.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6388.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6415.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6424.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6342.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6337.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6357.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6348.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/alerts/vol-6_num-6.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6407.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6379.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6389.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6436.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6466.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6412.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6448.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6400.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6318.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6478.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6454.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6372.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6420.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6335.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6345.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6479.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6355.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6321.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6364.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6476.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6393.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6391.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6341.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6371.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6429.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6369.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6405.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6431.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6422.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6410.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6360.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6401.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6413.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6474.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6477.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6385.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6473.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6328.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6377.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6416.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6339.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6367.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6453.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6375.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/maillists/index.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6475.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6430.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6340.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6396.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6426.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6331.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6386.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/sensitive.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6333.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6480.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6409.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6447.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6404.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6320.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6408.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6322.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/6363.php"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "BID",
"id": "2599"
},
{
"db": "PACKETSTORM",
"id": "24836"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#676552"
},
{
"db": "CERT/CC",
"id": "VU#601312"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "BID",
"id": "2599"
},
{
"db": "PACKETSTORM",
"id": "24836"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-07-23T00:00:00",
"db": "CERT/CC",
"id": "VU#676552"
},
{
"date": "2001-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#601312"
},
{
"date": "2001-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#555464"
},
{
"date": "2001-06-27T00:00:00",
"db": "VULHUB",
"id": "VHN-3312"
},
{
"date": "2001-04-11T00:00:00",
"db": "BID",
"id": "2599"
},
{
"date": "2001-05-16T01:07:09",
"db": "PACKETSTORM",
"id": "24836"
},
{
"date": "2001-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"date": "2001-06-27T04:00:00",
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-07-26T00:00:00",
"db": "CERT/CC",
"id": "VU#676552"
},
{
"date": "2001-07-17T00:00:00",
"db": "CERT/CC",
"id": "VU#601312"
},
{
"date": "2001-07-17T00:00:00",
"db": "CERT/CC",
"id": "VU#555464"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-3312"
},
{
"date": "2001-04-11T00:00:00",
"db": "BID",
"id": "2599"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "24836"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lotus Domino vulnerable to DoS via crafted unicode GET request",
"sources": [
{
"db": "CERT/CC",
"id": "VU#676552"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
}
],
"trust": 0.6
}
}
VAR-201103-0114
Vulnerability from variot - Updated: 2025-12-22 21:51
The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. Multiple STARTTLS implementations contain a vulnerability. In multiple STARTTLS implementations, a man-in-the-middle attacker may insert commands. This vulnerability is due to the fact that switching to ciphertext communication is performed at a lower layer than the application. This vulnerability is only relevant for implementations that perform certificate validation. An arbitrary command may be executed by a remote attacker who can intercept communications. An attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. The following vendors are affected: Ipswitch, Kerio, Postfix, Qmail-TLS, Oracle (note that the affected application is unknown), SCO Group, spamdyke, ISC. Postfix is a mail transfer agent used in Unix-like operating systems. The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 did not properly restrict I/O buffering.
==========================================================================
Ubuntu Security Notice USN-1113-1 April 18, 2011
postfix vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 9.10
- Ubuntu 8.04 LTS
- Ubuntu 6.06 LTS
Summary:
An attacker could send crafted input to Postfix and cause it to reveal confidential information. This issue only affected Ubuntu 6.06 LTS and 8.04 LTS. (CVE-2009-2939)
Wietse Venema discovered that Postfix incorrectly handled cleartext commands after TLS is in place. (CVE-2011-0411)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.10: postfix 2.7.1-1ubuntu0.1
Ubuntu 10.04 LTS: postfix 2.7.0-1ubuntu0.1
Ubuntu 9.10: postfix 2.6.5-3ubuntu0.1
Ubuntu 8.04 LTS: postfix 2.5.1-2ubuntu1.3
Ubuntu 6.06 LTS: postfix 2.2.10-1ubuntu0.3
In general, a standard system update will make all the necessary changes.
References: CVE-2009-2939, CVE-2011-0411
Package Information: https://launchpad.net/ubuntu/+source/postfix/2.7.1-1ubuntu0.1 https://launchpad.net/ubuntu/+source/postfix/2.7.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/postfix/2.6.5-3ubuntu0.1 https://launchpad.net/ubuntu/+source/postfix/2.5.1-2ubuntu1.3 https://launchpad.net/ubuntu/+source/postfix/2.2.10-1ubuntu0.3
CVE-2011-4130 ProFTPD uses a response pool after freeing it under exceptional conditions, possibly leading to remote code execution.
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
References:
http://www.postfix.org/CVE-2011-0411.html
Updated Packages:
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
Gentoo Linux Security Advisory GLSA 201206-33
http://security.gentoo.org/
Severity: High
Title: Postfix: Multiple vulnerabilities
Date: June 25, 2012
Bugs: #358085, #366605
ID: 201206-33
Synopsis
A vulnerability has been found in Postfix, the worst of which possibly allowing remote code execution.
Background
Postfix is Wietse Venema’s mailer that attempts to be fast, easy to administer, and secure, as an alternative to the widely-used Sendmail program.
Affected packages
-------------------------------------------------------------------
     Package           /     Vulnerable     /          Unaffected
-------------------------------------------------------------------
  1  mail-mta/postfix          < 2.7.4                   >= 2.7.4
Description
A vulnerability has been discovered in Postfix. Please review the CVE identifier referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Postfix users should upgrade to the latest version:
  # emerge --sync
  # emerge --ask --oneshot --verbose ">=mail-mta/postfix-2.7.4"
References
[ 1 ] CVE-2011-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0411
[ 2 ] CVE-2011-1720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1720
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201206-33.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
This is a writeup about a flaw that I found recently, and that existed in multiple implementations of SMTP (Simple Mail Transfer Protocol) over TLS (Transport Layer Security) including my Postfix open source mailserver. I give an overview of the problem and its impact, how to find out if a server is affected, fixes, and draw lessons about where we can expect similar problems. A time line is at the end.
For further reading:
http://www.kb.cert.org/vuls/id/555316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0411
http://www.postfix.org/CVE-2011-0411.html (extended writeup)
Wietse
Problem overview and impact
The TLS protocol encrypts communication and protects it against modification by other parties. This protection exists only if a) software is free of flaws, and b) clients verify the server's TLS certificate, so that there can be no "man in the middle" (servers usually don't verify client certificates).
The problem discussed in this writeup is caused by a software flaw.
The injected commands could be used to steal the victim's email or SASL (Simple Authentication and Security Layer) username and password.
This is not as big a problem as it may appear to be. The reason is that many SMTP client applications don't verify server TLS certificates. These SMTP clients are always vulnerable to command injection and other attacks. Their TLS sessions are only encrypted but not protected.
A similar plaintext injection flaw may exist in the way SMTP clients handle SMTP-over-TLS server responses, but its impact is less interesting than the server-side flaw.
SMTP is not the only protocol with a mid-session switch from plaintext to TLS. Other examples are POP3, IMAP, NNTP and FTP. Implementations of these protocols may be affected by the same flaw as discussed here.
Demonstration
The problem is easy to demonstrate with a one-line change to the OpenSSL s_client command source code (I would prefer scripting, but having to install Perl CPAN modules and all their dependencies is more work than downloading a .tar.gz file from openssl.org, adding eight characters to one line, and doing "./config; make").
The OpenSSL s_client command can make a connection to servers that support straight TLS, SMTP over TLS, or a handful of other protocols over TLS. The demonstration with SMTP over TLS involves a one-line change in the OpenSSL s_client source code (with OpenSSL 1.0.0, at line 1129 of file apps/s_client.c).
Old: BIO_printf(sbio,"STARTTLS\r\n");
New: BIO_printf(sbio,"STARTTLS\r\nRSET\r\n");
With this change, the s_client command sends the plaintext STARTTLS command ("let's turn on TLS") immediately followed by an RSET command (a relatively harmless protocol "reset"). Both commands are sent as plaintext in the same TCP/IP packet, and arrive together at the server. The "\r\n" are the carriage-return and newline characters; these are necessary to terminate an SMTP command.
When an SMTP server has the plaintext injection flaw, it reads the STARTTLS command first, switches to SMTP-over-TLS mode, and only then the server reads the RSET command. Note, the RSET command was transmitted during the plaintext SMTP phase when there is no protection, but the server reads the command as if it was received over the TLS-protected channel.
Thus, when the SMTP server has the flaw, the s_client command output will show two "250" SMTP server responses instead of one. The first "250" response is normal, and is present even when the server is not flawed. The second "250" response is for the RSET command, and indicates that the SMTP server has the plaintext injection flaw.
$ apps/openssl s_client -quiet -starttls smtp -connect server:port
[some server TLS certificate details omitted]
250 some text here <=== Normal response, also with "good" server.
250 more text here <=== RSET response, only with flawed server.
Anatomy of the flaw: it's all about the plumbing
Whether a program may have the plaintext injection flaw depends on how it adjusts the plumbing, as it inserts the TLS protocol layer in-between the SMTP protocol layer and the O/S TCP/IP protocol layer. I illustrate this with examples from three open source MTAs: Postfix, Sendmail and Exim. The diagram below is best viewed with a fixed-width font, for example, from the Courier family.
 Postfix MTA         Sendmail MTA        Exim MTA
 before/after        before/after        before/after
 switch to TLS       switch to TLS       switch to TLS

 SMTP    SMTP        SMTP    SMTP        SMTP    SMTP    <= SMTP layer
  ||      ||          ||      ||          ||      ||
 stream  stream      stream  stream'      ||      ||
 buffers buffers     buffers buffers'     rw      r'w'   <= stream layer
  rw      r'w'        rw      r'w'        ||      ||
  ||      ||          ||      ||          ||      ||
  ||      TLS         ||      TLS         ||      TLS    <= TLS layer
  ||      ||          ||      ||          ||      ||
  O/S     O/S         O/S     O/S         O/S     O/S    <= TCP/IP layer
As shown in the diagram, both Postfix and Sendmail use an application-level stream abstraction, where each stream has properties such as read/write buffers, read/write functions (indicated with rw), and other properties that are omitted for brevity.
When Postfix switches to SMTP over TLS, it replaces the plaintext read/write functions (rw) with the TLS read/write functions (r'w'). Postfix does not modify any of the other stream properties including the read/write buffers. A patch for qmail that introduces TLS support uses the same approach. This approach of replacing only the stream read/write functions, but not the buffers or other stream properties, can introduce the plaintext injection flaw.
When Sendmail switches to SMTP over TLS, it replaces the entire stream, along with its read/write buffers and read/write functions. Exim, on the other hand, does not seem to have a stream abstraction like Postfix, Sendmail or qmail. Instead of replacing streams or stream properties, Exim replaces plaintext read/write functions with TLS read/write functions. Because of their program structure, Sendmail and Exim didn't suffer from the plaintext injection flaw.
Fixing the problem
There are two solutions to address the flaw, and both solutions can be used together.
- Report an error when unexpected plaintext is received after the STARTTLS command. As documented in RFC 3207, STARTTLS must be the last command in a pipelined group. If plaintext commands are received after STARTTLS, then that is a protocol violation.
This measure can also be implemented outside the MTA, for example in a protocol-aware firewall.
- If a program uses the same input buffer before and after the switch to TLS, it should discard the contents of the input buffer, just like it discards SMTP protocol information that it received during the plaintext protocol phase.
Conclusion
This plaintext injection problem is likely to recur when some development moves the plaintext-to-ciphertext switch outside the application: for example, into the kernel, into the local hardware, into a proxy, or into other infrastructure. This encourages applications to use the same application-level streams and buffers and read/write functions before and after the switch to ciphertext. When this migration happens, plaintext injection becomes once more a possibility.
Time line
Jan 5 2011: While finishing Postfix for its annual release, I found and fixed this flaw in the SMTP server and client implementations, where it had been sitting ever since TLS support was adopted.
Jan 6-10 2011: As we investigated the scope of the problem, Victor Duchovni (co-developer) discovered that other implementations were also affected including security providers and security appliances.
Jan 11 2011: Contact CERT/CC to help coordinate with the problem's resolution.
Mar 7 2011: Public announcement, and Postfix legacy release updates.
The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-2939 The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
CVE-2011-1720 A heap-based read-only buffer overflow allows malicious clients to crash the smtpd server process using a crafted SASL authentication request.
For the oldstable distribution (lenny), this problem has been fixed in version 2.5.5-1.1+lenny1.
For the stable distribution (squeeze), this problem has been fixed in version 2.7.1-1+squeeze1.
For the unstable distribution (sid), this problem has been fixed in version 2.8.0-1.
We recommend that you upgrade your postfix packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
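Added example, not part of the quoted writeup and not Postfix code: a toy C model of the stream plumbing described under "Anatomy of the flaw" and of the two fixes listed under "Fixing the problem". The struct, function names, policy enum and wire contents are constructed for illustration, and TLS is modelled as a second, already-decrypted byte source.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample input. The *_PLAIN strings are what one plaintext read
 * delivers before TLS; TLS_WIRE stands for bytes the TLS layer decrypted. */
static const char PIPELINED_PLAIN[] = "EHLO client.example\r\nSTARTTLS\r\nRSET\r\n";
static const char CLEAN_PLAIN[]     = "EHLO client.example\r\nSTARTTLS\r\n";
static const char TLS_WIRE[]        = "EHLO client.example\r\nQUIT\r\n";

typedef enum { FLAWED, DISCARD_BUFFER, REJECT_PIPELINED } policy;

typedef struct {
    int rejected;        /* session aborted: plaintext followed STARTTLS */
    int tls_phase_cmds;  /* commands handled as if they were TLS-protected */
    int injected;        /* of those, commands that arrived as plaintext */
} result;

typedef struct stream stream;
typedef size_t (*read_fn)(stream *s, char *dst, size_t max);

struct stream {
    read_fn read;            /* "rw" before the switch, "r'w'" after it */
    char buf[256];           /* read buffer, shared across the switch */
    size_t len, pos;
    int buf_plain;           /* 1 if buf was filled by the plaintext reader */
    const char *plain, *tls; /* unread bytes on each modelled source */
};

static size_t drain(const char **src, char *dst, size_t max) {
    size_t n = strlen(*src);
    if (n > max) n = max;
    memcpy(dst, *src, n);
    *src += n;
    return n;
}
static size_t read_plain(stream *s, char *dst, size_t max) { return drain(&s->plain, dst, max); }
static size_t read_tls(stream *s, char *dst, size_t max)   { return drain(&s->tls, dst, max); }

/* Return the next CRLF-terminated line; *plain is set if any byte of it was
 * read while the plaintext reader was installed. Returns 0 at end of input. */
static int get_line(stream *s, char *line, size_t cap, int *plain) {
    size_t n = 0;
    *plain = 0;
    for (;;) {
        if (s->pos == s->len) {            /* buffer empty: refill it */
            s->len = s->read(s, s->buf, sizeof s->buf);
            s->pos = 0;
            s->buf_plain = (s->read == read_plain);
            if (s->len == 0) return 0;
        }
        char c = s->buf[s->pos++];
        if (s->buf_plain) *plain = 1;
        if (c == '\n') { line[n] = '\0'; return 1; }
        if (c != '\r' && n + 1 < cap) line[n++] = c;
    }
}

/* Toy server loop; commands are matched in exact upper case for brevity. */
result run_session(policy p, const char *plain_wire, const char *tls_wire) {
    stream s;
    result r = { 0, 0, 0 };
    char line[128];
    int plain, tls_on = 0;

    memset(&s, 0, sizeof s);
    s.read = read_plain;
    s.plain = plain_wire;
    s.tls = tls_wire;

    while (get_line(&s, line, sizeof line, &plain)) {
        if (tls_on) {                      /* treated as protected input */
            r.tls_phase_cmds++;
            if (plain) r.injected++;
            continue;
        }
        if (strcmp(line, "STARTTLS") == 0) {
            if (p == REJECT_PIPELINED && s.pos < s.len) {
                r.rejected = 1;            /* STARTTLS was not the last command */
                return r;
            }
            if (p == DISCARD_BUFFER)
                s.pos = s.len = 0;         /* drop leftover plaintext */
            s.read = read_tls;             /* swap only the read function */
            tls_on = 1;
        }
    }
    return r;
}

int main(void) {
    static const char *names[] = { "flawed", "discard buffer", "reject pipelined" };
    for (int p = FLAWED; p <= REJECT_PIPELINED; p++) {
        result r = run_session((policy)p, PIPELINED_PLAIN, TLS_WIRE);
        printf("%-17s rejected=%d tls_phase_cmds=%d injected=%d\n",
               names[p], r.rejected, r.tls_phase_cmds, r.injected);
    }
    result c = run_session(REJECT_PIPELINED, CLEAN_PLAIN, TLS_WIRE);
    printf("%-17s rejected=%d (well-behaved client)\n", names[REJECT_PIPELINED], c.rejected);
    return 0;
}
```

In the flawed model the leftover RSET is counted as a TLS-phase command even though it was read as plaintext; either fix brings the injected count to zero, and the reject policy leaves a well-behaved client unaffected.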
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0114",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.3"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.8"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.1"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.7"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.5"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.6"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.4"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.2"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.0"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.9"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.11"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.0"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.1"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.15"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.13"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.1"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.7.1"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.6"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.12"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.4"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.5"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.5"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.4"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.7"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.11"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.14"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.8"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.7.0"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.9"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.7.2"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.0"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.3"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.10"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.6"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.2"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.10"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.8"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.3"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.2"
},
{
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyrus imap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "kerio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postfix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qmail tls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": "proftpd",
"scope": "eq",
"trust": 0.8,
"vendor": "proftpd",
"version": "1.3.3"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008 and 12.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 5.6 server)"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "spamdyke",
"scope": "ne",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.4"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "groupware server 2.2-rc3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.9"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.01"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.9"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.5"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.3"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "pure-ftpd",
"scope": "ne",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.30"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20011115"
},
{
"model": "groupware server -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.3"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.11"
},
{
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.01"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.2.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.5"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20110"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.2"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.23"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "pure-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.29"
},
{
"model": "groupware server 2.1.beta3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.3"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.2"
},
{
"model": "inn",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.8"
},
{
"model": "spamdyke",
"scope": "eq",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.31"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.4"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.13"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19991231"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imap server",
"scope": "ne",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "connect build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.1.42985"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "linux enterprise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.2"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.1"
},
{
"model": "groupware server 2.1beta2",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6-20080902"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "scooffice server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "0"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.9"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.20"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.2"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.3"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.12"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.4"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.11"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.1"
},
{
"model": "netqmail",
"scope": "eq",
"trust": 0.3,
"vendor": "qmail smtpd auth",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.0.21"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.4"
},
{
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "groupware server 2.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.8"
},
{
"model": "groupware server beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20010228"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.4"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.151"
},
{
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "starttls",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "0"
},
{
"model": "mailserver build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.17069"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "groupware server beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "venema postfix patchlevel",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.44"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.4"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.4"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19990906"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.6"
},
{
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:proftpd:proftpd",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_hpc_node",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_long_life",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wietse Venema",
"sources": [
{
"db": "BID",
"id": "46767"
},
{
"db": "PACKETSTORM",
"id": "99053"
}
],
"trust": 0.4
},
"cve": "CVE-2011-0411",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0411",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-48356",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0411",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#555316",
"trust": 0.8,
"value": "1.39"
},
{
"author": "NVD",
"id": "CVE-2011-0411",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-213",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48356",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2011-0411",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. Multiple STARTTLS implementations contain a vulnerability. In these implementations, a man-in-the-middle attacker may be able to insert commands. This vulnerability is due to the fact that switching to ciphertext communication is performed at a lower layer than the application. This vulnerability is only relevant for implementations that perform certificate validation. An arbitrary command may be executed by a remote attacker who can intercept communications. \nAn attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. \nThe following vendors are affected:\nIpswitch\nKerio\nPostfix\nQmail-TLS\nOracle (note that the affected application is unknown)\nSCO Group\nspamdyke\nISC. Postfix is a mail transfer agent used in Unix-like operating systems. The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 did not properly restrict I/O buffering. 
==========================================================================\nUbuntu Security Notice USN-1113-1\nApril 18, 2011\n\npostfix vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n- Ubuntu 9.10\n- Ubuntu 8.04 LTS\n- Ubuntu 6.06 LTS\n\nSummary:\n\nAn attacker could send crafted input to Postfix and cause it to reveal\nconfidential information. \nThis issue only affected Ubuntu 6.06 LTS and 8.04 LTS. (CVE-2009-2939)\n\nWietse Venema discovered that Postfix incorrectly handled cleartext\ncommands after TLS is in place. (CVE-2011-0411)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 10.10:\n postfix 2.7.1-1ubuntu0.1\n\nUbuntu 10.04 LTS:\n postfix 2.7.0-1ubuntu0.1\n\nUbuntu 9.10:\n postfix 2.6.5-3ubuntu0.1\n\nUbuntu 8.04 LTS:\n postfix 2.5.1-2ubuntu1.3\n\nUbuntu 6.06 LTS:\n postfix 2.2.10-1ubuntu0.3\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n CVE-2009-2939, CVE-2011-0411\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/postfix/2.7.1-1ubuntu0.1\n https://launchpad.net/ubuntu/+source/postfix/2.7.0-1ubuntu0.1\n https://launchpad.net/ubuntu/+source/postfix/2.6.5-3ubuntu0.1\n https://launchpad.net/ubuntu/+source/postfix/2.5.1-2ubuntu1.3\n https://launchpad.net/ubuntu/+source/postfix/2.2.10-1ubuntu0.3\n\n\n. \n\nCVE-2011-4130\n\tProFTPD uses a response pool after freeing it under\n\texceptional conditions, possibly leading to remote code\n\texecution. \n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct this issue. 
\n _______________________________________________________________________\n\n References:\n\n http://www.postfix.org/CVE-2011-0411.html\n _______________________________________________________________________\n\n Updated Packages:\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201206-33\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Postfix: Multiple vulnerabilities\n Date: June 25, 2012\n Bugs: #358085, #366605\n ID: 201206-33\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA vulnerability has been found in Postfix, the worst of which possibly\nallowing remote code execution. \n\nBackground\n==========\n\nPostfix is Wietse Venema\u2019s mailer that attempts to be fast, easy to\nadminister, and secure, as an alternative to the widely-used Sendmail\nprogram. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 mail-mta/postfix \u003c 2.7.4 \u003e= 2.7.4\n\nDescription\n===========\n\nA vulnerability have been discovered in Postfix. Please review the CVE\nidentifier referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. 
\n\nResolution\n==========\n\nAll Postfix users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=mail-mta/postfix-2.7.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-0411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0411\n[ 2 ] CVE-2011-1720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1720\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201206-33.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. This is a writeup about a flaw that I found recently, and that\nexisted in multiple implementations of SMTP (Simple Mail Transfer\nProtocol) over TLS (Transport Layer Security) including my Postfix\nopen source mailserver. I give an overview of the problem and its\nimpact, how to find out if a server is affected, fixes, and draw\nlessons about where we can expect similar problems. A time line\nis at the end. \n\nFor further reading:\nhttp://www.kb.cert.org/vuls/id/555316 \nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0411\nhttp://www.postfix.org/CVE-2011-0411.html (extended writeup)\n\n\tWietse\n\nProblem overview and impact\n===========================\n\nThe TLS protocol encrypts communication and protects it against\nmodification by other parties. 
This protection exists only if a)\nsoftware is free of flaws, and b) clients verify the server\u0027s TLS\ncertificate, so that there can be no \"man in the middle\" (servers\nusually don\u0027t verify client certificates). \n\nThe problem discussed in this writeup is caused by a software flaw. \n\nThe injected commands could be used to steal the victim\u0027s email or\nSASL (Simple Authentication and Security Layer) username and password. \n\nThis is not as big a problem as it may appear to be. The reason\nis that many SMTP client applications don\u0027t verify server TLS\ncertificates. These SMTP clients are always vulnerable to command\ninjection and other attacks. Their TLS sessions are only encrypted\nbut not protected. \n\nA similar plaintext injection flaw may exist in the way SMTP clients\nhandle SMTP-over-TLS server responses, but its impact is less\ninteresting than the server-side flaw. \n\nSMTP is not the only protocol with a mid-session switch from plaintext\nto TLS. Other examples are POP3, IMAP, NNTP and FTP. Implementations\nof these protocols may be affected by the same flaw as discussed here. \n\nDemonstration\n=============\n\nThe problem is easy to demonstrate with a one-line change to the\nOpenSSL s_client command source code (I would prefer scripting, but\nhaving to install Perl CPAN modules and all their dependencies is\nmore work than downloading a .tar.gz file from openssl.org, adding\neight characters to one line, and doing \"./config; make\"). \n\nThe OpenSSL s_client command can make a connection to servers that\nsupport straight TLS, SMTP over TLS, or a handful other protocols\nover TLS. The demonstration with SMTP over TLS involves a one-line\nchange in the OpenSSL s_client source code (with OpenSSL 1.0.0, at\nline 1129 of file apps/s_client.c). 
\n\nOld:\t\tBIO_printf(sbio,\"STARTTLS\\r\\n\");\nNew:\t\tBIO_printf(sbio,\"STARTTLS\\r\\nRSET\\r\\n\");\n\nWith this change, the s_client command sends the plaintext STARTTLS\ncommand (\"let\u0027s turn on TLS\") immediately followed by an RSET command\n(a relatively harmless protocol \"reset\"). Both commands are sent\nas plaintext in the same TCP/IP packet, and arrive together at the\nserver. The \"\\r\\n\" are the carriage-return and newline characters;\nthese are necessary to terminate an SMTP command. \n\nWhen an SMTP server has the plaintext injection flaw, it reads the\nSTARTTLS command first, switches to SMTP-over-TLS mode, and only\nthen the server reads the RSET command. Note, the RSET command was\ntransmitted during the plaintext SMTP phase when there is no\nprotection, but the server reads the command as if it was received\nover the TLS-protected channel. \n\nThus, when the SMTP server has the flaw, the s_client command output\nwill show two \"250\" SMTP server responses instead of one. The first\n\"250\" response is normal, and is present even when the server is\nnot flawed. The second \"250\" response is for the RSET command, and\nindicates that the SMTP server has the plaintext injection flaw. \n\n $ apps/openssl s_client -quiet -starttls smtp -connect server:port\n [some server TLS certificate details omitted]\n 250 some text here \u003c=== Normal response, also with \"good\" server. \n 250 more text here \u003c=== RSET response, only with flawed server. \n\nAnatomy of the flaw: it\u0027s all about the plumbing\n================================================\n\nWhether a program may have the plaintext injection flaw depends on\nhow it adjusts the plumbing, as it inserts the TLS protocol layer\nin-between the SMTP protocol layer and the O/S TCP/IP protocol\nlayer. I illustrate this with examples from three open source MTAs:\nPostfix, Sendmail and Exim. The diagram below is best viewed with\na fixed-width font, for example, from the Courier family. 
\n\n    Postfix MTA         Sendmail MTA          Exim MTA\n    before/after        before/after        before/after\n    switch to TLS       switch to TLS       switch to TLS\n\n    SMTP    SMTP        SMTP    SMTP        SMTP    SMTP   \u003c= SMTP layer\n     ||      ||          ||      ||          ||      ||\n    stream  stream      stream  stream\u0027      ||      ||\n    buffers buffers     buffers buffers\u0027     rw      r\u0027w\u0027  \u003c= stream layer\n    rw      r\u0027w\u0027        rw      r\u0027w\u0027         ||      ||\n     ||      ||          ||      ||          ||      ||\n     ||     TLS          ||     TLS          ||     TLS    \u003c= TLS layer\n     ||      ||          ||      ||          ||      ||\n    O/S     O/S         O/S     O/S         O/S     O/S    \u003c= TCP/IP layer\n\nAs shown in the diagram, both Postfix and Sendmail use an application-\nlevel stream abstraction, where each stream has properties such as\nread/write buffers, read/write functions (indicated with rw), and\nother properties that are omitted for brevity. \n\nWhen Postfix switches to SMTP over TLS, it replaces the plaintext\nread/write functions (rw) with the TLS read/write functions (r\u0027w\u0027). \nPostfix does not modify any of the other stream properties including\nthe read/write buffers. A patch for qmail that introduces TLS\nsupport uses the same approach. This approach of replacing only\nthe stream read/write functions, but not the buffers or other stream\nproperties, can introduce the plaintext injection flaw. \n\nWhen Sendmail switches to SMTP over TLS, it replaces the entire\nstream, along with its read/write buffers and read/write functions. \nExim, on the other hand, does not seem to have a stream abstraction\nlike Postfix, Sendmail or qmail. Instead of replacing streams or\nstream properties, Exim replaces plaintext read/write functions\nwith TLS read/write functions. Because of their program structure,\nSendmail and Exim didn\u0027t suffer from the plaintext injection flaw. \n\nFixing the problem\n==================\n\nThere are two solutions to address the flaw, and both solutions can\nbe used together. \n\n- Report an error when unexpected plaintext is received after the\n STARTTLS command. 
As documented in RFC 3207, STARTTLS must be\n the last command in a pipelined group. If plaintext commands are\n received after STARTTLS, then that is a protocol violation. \n\n This measure can also be implemented outside the MTA, for example\n in a protocol-aware firewall. \n\n- If a program uses the same input buffer before and after the\n switch to TLS, it should discard the contents of the input buffer,\n just like it discards SMTP protocol information that it received\n during the plaintext protocol phase. \n\nConclusion\n==========\n\nThis plaintext injection problem is likely to recur when some\ndevelopment moves the plaintext-to-ciphertext switch outside the\napplication: for example, into the kernel, into the local hardware,\ninto a proxy, or into other infrastructure. This encourages\napplications to use the same application-level streams and buffers\nand read/write functions before and after the switch to ciphertext. \nWhen this migration happens, plaintext injection becomes once more\na possibility. \n\nTime line\n=========\n\nJan 5 2011: While finishing Postfix for its annual release, I found\nand fixed this flaw in the SMTP server and client implementations,\nwhere it had been sitting ever since TLS support was adopted. \n\nJan 6-10 2011: As we investigated the scope of the problem, Victor\nDuchovni (co-developer) discovered that other implementations were\nalso affected including security providers and security appliances. \n\nJan 11 2011: Contact CERT/CC to help coordinate with the problem\u0027s\nresolution. \n\nMar 7 2011: Public announcement, and Postfix legacy release updates. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2009-2939\n The postinst script grants the postfix user write access to\n /var/spool/postfix/pid, which might allow local users to\n conduct symlink attacks that overwrite arbitrary files. 
\n\nCVE-2011-1720\n A heap-based read-only buffer overflow allows malicious\n clients to crash the smtpd server process using a crafted SASL\n authentication request. \n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 2.5.5-1.1+lenny1. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.7.1-1+squeeze1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.8.0-1. \n\nWe recommend that you upgrade your postfix packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0411"
},
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "PACKETSTORM",
"id": "100558"
},
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "99457"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "PACKETSTORM",
"id": "99053"
},
{
"db": "PACKETSTORM",
"id": "101275"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#555316",
"trust": 3.8
},
{
"db": "NVD",
"id": "CVE-2011-0411",
"trust": 3.5
},
{
"db": "BID",
"id": "46767",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "43646",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2011-0611",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1025179",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "43874",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2011-0891",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2011-0752",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "71021",
"trust": 1.8
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/08/10/2",
"trust": 1.1
},
{
"db": "XF",
"id": "65932",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "99457",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "114177",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "107027",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "99053",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "99392",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-48356",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0411",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101275",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "PACKETSTORM",
"id": "100558"
},
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "99457"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "PACKETSTORM",
"id": "99053"
},
{
"db": "PACKETSTORM",
"id": "101275"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"id": "VAR-201103-0114",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48356"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T21:51:04.422000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "postfix-2.3.3-2.10.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1399"
},
{
"title": "2211",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2211"
},
{
"title": "2212",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2212"
},
{
"title": "3624",
"trust": 0.8,
"url": "http://bugs.proftpd.org/show_bug.cgi?id=3624"
},
{
"title": "NEWS-1.3.3e",
"trust": 0.8,
"url": "http://www.proftpd.org/docs/NEWS-1.3.3e"
},
{
"title": "NEWS-1.3.4rc2",
"trust": 0.8,
"url": "http://www.proftpd.org/docs/NEWS-1.3.4rc2"
},
{
"title": "RHSA-2011:0422",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0422.html"
},
{
"title": "RHSA-2011:0423",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2011-0423.html"
},
{
"title": "TLSA-2011-13",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-13j.txt"
},
{
"title": "TLSA-2013-4",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2013/TLSA-2013-4j.html"
},
{
"title": "Postfix STARTTLS Achieve repair measures for plaintext command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159437"
},
{
"title": "Debian CVElist Bug Report Logs: postfix STARTTLS affected by CVE-2011-0411",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=74282b8fe400ed6ddbb6171a1052e2fd"
},
{
"title": "Debian CVElist Bug Report Logs: [CVE-2011-4130] Use-after-free issue",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=f7453f9ff437afb706c192fb10d67eb2"
},
{
"title": "Debian CVElist Bug Report Logs: inn: CVE-2012-3523 prone to STARTTLS plaintext command injection",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a774850c70017348487727b907fda84b"
},
{
"title": "Debian CVElist Bug Report Logs: courier: CVE-2021-38084",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=9dc8ffd76b724b58108eb46bc913121c"
},
{
"title": "Debian CVElist Bug Report Logs: STARTTLS plaintext command injection",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=b03b4eab65949f1c915b1538f80e6a4b"
},
{
"title": "Ubuntu Security Notice: postfix vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1113-1"
},
{
"title": "Debian Security Advisories: DSA-2346-2 proftpd-dfsg -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a1db5959643fcc6f1957a67359aa92ed"
},
{
"title": "Debian Security Advisories: DSA-2233-1 postfix -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=96aadd3bb66ec0adb18615b395c09544"
},
{
"title": "Vision",
"trust": 0.1,
"url": "https://github.com/CoolerVoid/Vision "
},
{
"title": "Vision2",
"trust": 0.1,
"url": "https://github.com/CoolerVoid/Vision2 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/46767"
},
{
"trust": 2.6,
"url": "http://securitytracker.com/id?1025179"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/43646"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2011/0611"
},
{
"trust": 2.3,
"url": "http://www.postfix.org/cve-2011-0411.html"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"trust": 1.9,
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00003.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht5002"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/moro-8elh6z"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/056560.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/056559.html"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/71021"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0422.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0423.html"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/43874"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2011/0752"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2011/0891"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/2"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0411"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2595"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3207"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4642"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=674814"
},
{
"trust": 0.8,
"url": "http://www.watchguard.com/archive/softwarecenter.asp"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/65932"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu555316"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0411"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0411"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000101.html"
},
{
"trust": 0.3,
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"trust": 0.3,
"url": "http://cyrusimap.org/mediawiki/index.php/bugs_resolved_in_2.4.7"
},
{
"trust": 0.3,
"url": "https://www.isc.org/software/inn/2.5.3article"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m4p"
},
{
"trust": 0.3,
"url": "http://files.kolab.org/server/release/kolab-server-2.3.2/sources/release-notes.txt"
},
{
"trust": 0.3,
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
},
{
"trust": 0.3,
"url": "http://www.watchguard.com/support/release-notes/xcs/9/en-us/en_releasenotes_xcs_9_1_1/en_releasenotes_wg_xcs_9_1_tls_hotfix.pdf"
},
{
"trust": 0.3,
"url": "http://www.spamdyke.org/documentation/changelog.txt"
},
{
"trust": 0.3,
"url": "http://datatracker.ietf.org/doc/draft-josefsson-kerberos5-starttls/?include_text=1"
},
{
"trust": 0.3,
"url": "/archive/1/516901"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100134676"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100141041"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850478"
},
{
"trust": 0.3,
"url": "http://inoa.net/qmail-tls/vu555316.patch"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2939"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1720"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617849"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1113-1/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.6.5-3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.2.10-1ubuntu0.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.7.0-1ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.7.1-1ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.5.1-2ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4130"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026amp;products_id=490"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1720"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0411"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "PACKETSTORM",
"id": "100558"
},
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "99457"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "PACKETSTORM",
"id": "99053"
},
{
"db": "PACKETSTORM",
"id": "101275"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "PACKETSTORM",
"id": "100558"
},
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "99457"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "PACKETSTORM",
"id": "99053"
},
{
"db": "PACKETSTORM",
"id": "101275"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#555316"
},
{
"date": "2011-03-16T00:00:00",
"db": "VULHUB",
"id": "VHN-48356"
},
{
"date": "2011-03-16T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"date": "2011-03-07T00:00:00",
"db": "BID",
"id": "46767"
},
{
"date": "2011-04-18T22:40:46",
"db": "PACKETSTORM",
"id": "100558"
},
{
"date": "2011-11-16T04:40:08",
"db": "PACKETSTORM",
"id": "107027"
},
{
"date": "2011-03-18T21:45:06",
"db": "PACKETSTORM",
"id": "99457"
},
{
"date": "2012-06-25T22:58:41",
"db": "PACKETSTORM",
"id": "114177"
},
{
"date": "2011-03-07T19:44:44",
"db": "PACKETSTORM",
"id": "99053"
},
{
"date": "2011-05-10T18:42:48",
"db": "PACKETSTORM",
"id": "101275"
},
{
"date": "2011-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"date": "2011-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"date": "2011-03-16T22:55:02.717000",
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-08T00:00:00",
"db": "CERT/CC",
"id": "VU#555316"
},
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-48356"
},
{
"date": "2021-08-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"date": "2015-04-13T21:35:00",
"db": "BID",
"id": "46767"
},
{
"date": "2021-08-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"date": "2013-08-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001357"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "STARTTLS plaintext command injection vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
}
],
"trust": 0.6
}
}
VAR-201103-0090
Vulnerability from variot - Updated: 2025-04-11 21:38
The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. This vulnerability is related to plaintext command injection attacks. An attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. The following vendors are affected: Ipswitch, Kerio, Postfix, Qmail-TLS, Oracle (note that the affected application is unknown), SCO Group, spamdyke, ISC. Ipswitch IMail Server is a mail server from the American company Ipswitch that runs on the Microsoft Windows operating system.
SOLUTION: Restrict access to trusted hosts only.
PROVIDED AND/OR DISCOVERED BY: Wietse Venema via US-CERT.
SOLUTION: Apply fixes.
TITLE: Kerio Connect "STARTTLS" Plaintext Injection Vulnerability
SECUNIA ADVISORY ID: SA43678
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43678/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43678
RELEASE DATE: 2011-03-12
DISCUSS ADVISORY: http://secunia.com/advisories/43678/#comments
DESCRIPTION: A vulnerability has been reported in Kerio Connect, which can be exploited by malicious people to manipulate certain data.
The vulnerability is caused due to the TLS implementation not properly clearing transport layer buffers when upgrading from plaintext to ciphertext after receiving the "STARTTLS" command. This can be exploited to insert arbitrary plaintext data (e.g. SMTP commands) during the plaintext phase, which will then be executed after upgrading to the TLS ciphertext phase.
The vulnerability is reported in version 7.1.4 build 2985. Other versions may also be affected.
SOLUTION: Reportedly, the vendor will fix this in an upcoming version.
PROVIDED AND/OR DISCOVERED BY: Wietse Venema
ORIGINAL ADVISORY: US-CERT VU#555316: http://www.kb.cert.org/vuls/id/555316 http://www.kb.cert.org/vuls/id/MAPG-8D9M4P
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0090",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "lte",
"trust": 1.8,
"vendor": "ipswitch",
"version": "11.03"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.01"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.11"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.13"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "11.02"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "6.00"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "11"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "6.06"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "*"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "8.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "server_8.2_hotfix_2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "10.01"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "10"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "10.02"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "11.01"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyrus imap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "kerio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postfix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qmail tls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.1"
},
{
"model": "spamdyke",
"scope": "ne",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.4"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "groupware server 2.2-rc3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.9"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.5"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.3"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "pure-ftpd",
"scope": "ne",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.30"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20011115"
},
{
"model": "groupware server -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.3"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.01"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.2.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.5"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20110"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.2"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.23"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "pure-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.29"
},
{
"model": "groupware server 2.1.beta3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.3"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.2"
},
{
"model": "inn",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.8"
},
{
"model": "spamdyke",
"scope": "eq",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.31"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.4"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.13"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19991231"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "imap server",
"scope": "ne",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "connect build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.1.42985"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux enterprise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.2"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.1"
},
{
"model": "groupware server 2.1beta2",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6-20080902"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "scooffice server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "0"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.9"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.20"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.2"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.3"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.12"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.4"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.11"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.1"
},
{
"model": "netqmail",
"scope": "eq",
"trust": 0.3,
"vendor": "qmail smtpd auth",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.0.21"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.4"
},
{
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "groupware server 2.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.8"
},
{
"model": "groupware server beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20010228"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.4"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.151"
},
{
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.2"
},
{
"model": "starttls",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "0"
},
{
"model": "mailserver build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.17069"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "groupware server beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.5"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "venema postfix patchlevel",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.44"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.4"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.4"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19990906"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.6"
},
{
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
}
],
"trust": 0.4
},
"cve": "CVE-2011-1430",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1430",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-49375",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-1430",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#555316",
"trust": 0.8,
"value": "1.39"
},
{
"author": "NVD",
"id": "CVE-2011-1430",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-223",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-49375",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. This vulnerability is related to plain text command injection attacks. \nAn attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. \nThe following vendors are affected:\nIpswitch\nKerio\nPostfix\nQmail-TLS\nOracle (note that the affected application is unknown)\nSCO Group\nspamdyke\nISC. Ipswitch IMail Server is an American Ipswitch company\u0027s mail server running on the Microsoft Windows operating system. \n\nSOLUTION:\nRestrict access to trusted hosts only. \n\nPROVIDED AND/OR DISCOVERED BY:\nWietse Venema via US-CERT. ----------------------------------------------------------------------\n\n\nAlerts when vulnerabilities pose a threat to your infrastructure\nThe enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. \n\nSOLUTION:\nApply fixes. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. 
Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nKerio Connect \"STARTTLS\" Plaintext Injection Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43678\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43678/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43678\n\nRELEASE DATE:\n2011-03-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43678/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43678/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43678\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Kerio Connect, which can be\nexploited by malicious people to manipulate certain data. \n\nThe vulnerability is caused due to the TLS implementation not\nproperly clearing transport layer buffers when upgrading from\nplaintext to ciphertext after receiving the \"STARTTLS\" command. This\ncan be exploited to insert arbitrary plaintext data (e.g. SMTP\ncommands) during the plaintext phase, which will then be executed\nafter upgrading to the TLS ciphertext phase. \n\nThe vulnerability is reported in version 7.1.4 build 2985. Other\nversions may also be affected. \n\nSOLUTION:\nReportedly, the vendor will fix this in an upcoming version. 
\n\nPROVIDED AND/OR DISCOVERED BY:\nWietse Venema\n\nORIGINAL ADVISORY:\nUS-CERT VU#555316:\nhttp://www.kb.cert.org/vuls/id/555316\nhttp://www.kb.cert.org/vuls/id/MAPG-8D9M4P\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1430"
},
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#555316",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2011-1430",
"trust": 2.8
},
{
"db": "BID",
"id": "46767",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43676",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0609",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "71020",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223",
"trust": 0.7
},
{
"db": "XF",
"id": "65932",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "45857",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "44753",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "43678",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-49375",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101909",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99104",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99217",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"id": "VAR-201103-0090",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-49375"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T21:38:49.359000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ipswitch.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/mapg-8dbrd4"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/46767"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/71020"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43676"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2011/0609"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2595"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3207"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4642"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=674814"
},
{
"trust": 0.8,
"url": "http://www.watchguard.com/archive/softwarecenter.asp"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1430"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1430"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/65932"
},
{
"trust": 0.4,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m4p"
},
{
"trust": 0.4,
"url": "http://www.watchguard.com/support/release-notes/xcs/9/en-us/en_releasenotes_xcs_9_1_1/en_releasenotes_wg_xcs_9_1_tls_hotfix.pdf"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000101.html"
},
{
"trust": 0.3,
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"trust": 0.3,
"url": "http://cyrusimap.org/mediawiki/index.php/bugs_resolved_in_2.4.7"
},
{
"trust": 0.3,
"url": "https://www.isc.org/software/inn/2.5.3article"
},
{
"trust": 0.3,
"url": "http://files.kolab.org/server/release/kolab-server-2.3.2/sources/release-notes.txt"
},
{
"trust": 0.3,
"url": "http://www.postfix.org/cve-2011-0411.html"
},
{
"trust": 0.3,
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
},
{
"trust": 0.3,
"url": "http://www.spamdyke.org/documentation/changelog.txt"
},
{
"trust": 0.3,
"url": "http://datatracker.ietf.org/doc/draft-josefsson-kerberos5-starttls/?include_text=1"
},
{
"trust": 0.3,
"url": "/archive/1/516901"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100134676"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100141041"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850478"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"trust": 0.3,
"url": "http://inoa.net/qmail-tls/vu555316.patch"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45857/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45857"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45857/#comments"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m6a"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44753/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m75"
},
{
"trust": 0.1,
"url": "http://www.youtube.com/user/secunia#p/a/u/0/m1y9sjqr2sy"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44753"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44753/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43676/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43676/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43676"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43678/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43678/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43678"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#555316"
},
{
"date": "2011-03-16T00:00:00",
"db": "VULHUB",
"id": "VHN-49375"
},
{
"date": "2011-03-07T00:00:00",
"db": "BID",
"id": "46767"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"date": "2011-09-08T08:14:47",
"db": "PACKETSTORM",
"id": "104917"
},
{
"date": "2011-06-01T04:21:33",
"db": "PACKETSTORM",
"id": "101909"
},
{
"date": "2011-03-09T06:30:49",
"db": "PACKETSTORM",
"id": "99104"
},
{
"date": "2011-03-14T11:35:55",
"db": "PACKETSTORM",
"id": "99217"
},
{
"date": "2011-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"date": "2011-03-16T22:55:04.747000",
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-08T00:00:00",
"db": "CERT/CC",
"id": "VU#555316"
},
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-49375"
},
{
"date": "2015-04-13T21:35:00",
"db": "BID",
"id": "46767"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"date": "2011-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "STARTTLS plaintext command injection vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
}
],
"trust": 0.6
}
}
VAR-200703-0303
Vulnerability from variot - Updated: 2025-04-10 23:21
Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control. A buffer overflow vulnerability exists in the IMAILAPILib ActiveX control (IMailAPI.dll) of Ipswitch IMail Server versions prior to 2006.2.
TITLE: Ipswitch IMail Server/Collaboration Suite Multiple Buffer Overflows
SECUNIA ADVISORY ID: SA24422
VERIFY ADVISORY: http://secunia.com/advisories/24422/
CRITICAL: Highly critical
IMPACT: System access
WHERE: From remote
SOFTWARE: Ipswitch Collaboration Suite 2006 http://secunia.com/product/8652/ IMail Server 2006 http://secunia.com/product/8653/
DESCRIPTION: Some vulnerabilities have been reported in Ipswitch IMail Server/Collaboration Suite, which potentially can be exploited by malicious people to compromise a vulnerable system.
1) Unspecified errors within the IMailServer.WebConnect, IMailLDAPService.Sync3, IMailLDAPService.Init3, IMailServer.Connect, and IMailUserCollection.SetReplyTo components can be exploited to cause buffer overflows via specially crafted packets.
2) An error within an unspecified ActiveX control can be exploited to execute arbitrary code when a user e.g. visits a malicious web site.
SOLUTION: Update to version 2006.2 (Standard Edition only): ftp://ftp.ipswitch.com/Ipswitch/Product_Downloads/ICS_Standard.exe
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Ipswitch: http://www.ipswitch.com/support/ics/updates/ics20062.asp http://support.ipswitch.com/kb/IM-20070305-JH01.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200703-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail premium",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail plus",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "collaboration suite",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006_standard"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail",
"scope": "lt",
"trust": 0.8,
"vendor": "ipswitch",
"version": "server"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "54869"
}
],
"trust": 0.1
},
"cve": "CVE-2007-1637",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-1637",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-24999",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-1637",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-1637",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200703-591",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-24999",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control. A buffer overflow vulnerability exists in the IMAILAPILib ActiveX control (IMailAPI.dll) of Ipswitch IMail Server versions prior to 2006.2. \n\n----------------------------------------------------------------------\n\nWant a new job?\nhttp://secunia.com/secunia_vacancies/\n\nSecunia is looking for new researchers with a reversing background\nand experience in writing exploit code:\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\nhttp://secunia.com/Disassembling_og_Reversing/\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch IMail Server/Collaboration Suite Multiple Buffer Overflows\n\nSECUNIA ADVISORY ID:\nSA24422\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24422/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIpswitch Collaboration Suite 2006\nhttp://secunia.com/product/8652/\nIMail Server 2006\nhttp://secunia.com/product/8653/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Ipswitch IMail\nServer/Collaboration Suite, which potentially can be exploited by\nmalicious people to compromise a vulnerable system. \n\n1) Unspecified errors within the IMailServer.WebConnect,\nIMailLDAPService.Sync3, IMailLDAPService.Init3, IMailServer.Connect,\nand IMailUserCollection.SetReplyTo components can be exploited to\ncause buffer overflows via specially crafted packets. \n\n2) An error within an unspecified ActiveX control can be exploited to\nexecute arbitrary code when a user e.g. visits a malicious web site. 
\n\nSOLUTION:\nUpdate to version 2006.2 (Standard Edition only):\nftp://ftp.ipswitch.com/Ipswitch/Product_Downloads/ICS_Standard.exe\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nIpswitch:\nhttp://www.ipswitch.com/support/ics/updates/ics20062.asp\nhttp://support.ipswitch.com/kb/IM-20070305-JH01.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1637"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "PACKETSTORM",
"id": "54869"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-1637",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "24422",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1017737",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0853",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20070307 IPSWITCH IMAIL SERVER 2006 MULTIPLE ACTIVEX CONTROL BUFFER OVERFLOW VULNERABILITIE",
"trust": 0.6
},
{
"db": "BID",
"id": "83550",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-24999",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54869",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "PACKETSTORM",
"id": "54869"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"id": "VAR-200703-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:21:02.471000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IM-20070305-JH01",
"trust": 0.8,
"url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://support.ipswitch.com/kb/im-20070305-jh01.htm"
},
{
"trust": 1.7,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017737"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24422"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0853"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1637"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1637"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0853"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8652/"
},
{
"trust": 0.1,
"url": "http://secunia.com/disassembling_og_reversing/"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/support/ics/updates/ics20062.asp"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8653/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24422/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "PACKETSTORM",
"id": "54869"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "PACKETSTORM",
"id": "54869"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-24999"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"date": "2007-03-08T00:54:52",
"db": "PACKETSTORM",
"id": "54869"
},
{
"date": "2007-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"date": "2007-03-23T22:19:00",
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-24999"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"date": "2007-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server of IMAILAPILib ActiveX Control buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
}
],
"trust": 0.6
}
}
VAR-200709-0023
Vulnerability from variot - Updated: 2025-04-10 23:07

Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line. Ipswitch IMail Server is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Versions between Ipswitch IMail Server 8.01 and 8.11 are vulnerable to this issue; other versions may also be affected. NOTE: This issue may be related to previously disclosed vulnerabilities in IMail, but due to a lack of information we cannot confirm this. We will update this BID as more information emerges.

IPSwitch IMail is a Windows-based mail service program. There is a buffer overflow vulnerability in IPSwitch IMail's iaspam.dll, which may be exploited by remote attackers to control the server. Relevant details:

loc_1001ada5 ==> Note that the load base address may differ during dynamic debugging.

    mov eax, [ebp+var_54]
    mov ecx, [eax+10c8h]
    push ecx ; char *
    mov edx, [ebp+var_54]
    mov eax, [edx+10d0h]
    push eax ; char *
    call _strcpy
    add esp, 8
    jmp loc_1001a6f0

Here, both strcpy arguments, the src and dst pointers, are read directly from the heap without any prior check. By sending a malicious e-mail to the server (SMD file) and then controlling the two pointers at those offsets, an attacker can copy any string to any memory location.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200709-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.11"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.01"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": "8.01 to 8.11"
}
],
"sources": [
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "axis axis@ph4nt0m)",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2007-5094",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-28456",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-5094",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-5094",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200709-391",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-28456",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string \"MIME\" by itself on a line in the header, and a long Content-Transfer-Encoding header line. Ipswitch IMail Server is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. \nAttackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nVersions between Ipswitch IMail Server 8.01 and 8.11 are vulnerable to this issue; other versions may also be affected. \nNOTE: This issue may be related to previously disclosed vulnerabilities in IMail, but due to a lack of information we cannot confirm this. We will update this BID as more information emerges. IPSwitch IMail is a Windows-based mail service program. There is a buffer overflow vulnerability in IPSwitch IMail\u0027s iaspam.dll, which may be exploited by remote attackers to control the server. Relevant details: loc_1001ada5 ==\u003e Pay attention to the difference in loading base address during dynamic debugging. mov eax, [ebp+var_54] mov ecx, [eax+10c8h] push ecx ; char * mov edx, [ebp+var_54] mov eax, [edx+10d0h] push eax ; char * call _strcpy add esp, 8 jmp loc_1001a6f0 Here, the two buffers of strcpy, the pointers of src and dst are read directly from the heap without any check before, so send a malicious email to the server (SMD file), and then control the two buffers at the subsequent offset address, you can copy any string to any memory",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5094"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "VULHUB",
"id": "VHN-28456"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-28456",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5094",
"trust": 2.8
},
{
"db": "BID",
"id": "25762",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "4438",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "39390",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441",
"trust": 0.8
},
{
"db": "MILW0RM",
"id": "4438",
"trust": 0.6
},
{
"db": "XF",
"id": "36723",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-28456",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"id": "VAR-200709-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:07:25.365000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IMail Server",
"trust": 0.8,
"url": "http://www.imailserver.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25762"
},
{
"trust": 1.7,
"url": "http://pstgroup.blogspot.com/2007/09/exploitimail-iaspamdll-80x-remote-heap.html"
},
{
"trust": 1.7,
"url": "http://osvdb.org/39390"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/4438"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36723"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5094"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5094"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/4438"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/36723"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-09-26T00:00:00",
"db": "VULHUB",
"id": "VHN-28456"
},
{
"date": "2007-09-21T00:00:00",
"db": "BID",
"id": "25762"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"date": "2007-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"date": "2007-09-26T22:17:00",
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-28456"
},
{
"date": "2015-05-07T17:35:00",
"db": "BID",
"id": "25762"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"date": "2007-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail SMTP Server IASPAM.DLL Remote Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "25762"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.6
}
}
VAR-200901-0467
Vulnerability from variot - Updated: 2025-04-10 22:57

Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon.

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed-length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause memory corruption, resulting in an exploitable condition.

Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon, which listens by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.

Ipswitch IMail Server is prone to multiple buffer-overflow vulnerabilities because the software fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer. Successful attacks allow arbitrary code to run, facilitating the remote compromise of affected computers. Exploit attempts may also cause the application to crash. Ipswitch IMail Server 2006 is vulnerable to these issues; other versions may also be affected. Ipswitch IMail Server is a mail server from the American company Ipswitch that runs on the Microsoft Windows operating system. IMail bundles an IMAP daemon (imapd32.exe) that allows users to access mail.
ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-042.html
July 24, 2007
-- CVE ID: CVE-2007-2795
-- Affected Vendor: Ipswitch
-- Affected Products:
Ipswitch IMail
Ipswitch Collaboration Suite
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability since July 24, 2007 by Digital Vaccine protection filter ID 5224.
-- Vendor Response: Ipswitch has issued an update to correct this vulnerability. More details can be found at:
http://www.ipswitch.com/support/imail/releases/im200621.asp
-- Disclosure Timeline:
2007.02.26 - Vulnerability reported to vendor
2007.07.24 - Digital Vaccine released to TippingPoint customers
2007.07.24 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by Sebastian Apelt (webmaster@buzzworld.org).
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0467",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"model": "imail",
"scope": null,
"trust": 1.4,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": "lte",
"trust": 1.0,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail",
"scope": "lte",
"trust": 0.8,
"vendor": "ipswitch",
"version": "2006.21"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail server",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail server",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.21"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sebastian Apelt (webmaster@buzzworld.org)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
}
],
"trust": 1.4
},
"cve": "CVE-2007-2795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2007-2795",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-26157",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-2795",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-2795",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-363",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-26157",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs. Ipswitch IMail Server is prone to multiple buffer-overflow vulnerabilities because the software fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer. \nSuccessful attacks allow arbitrary code to run, facilitating the remote compromise of affected computers. Exploit attempts may also cause the application to crash. \nIpswitch IMail Server 2006 is vulnerable to these issues; other versions may also be affected. Ipswitch IMail Server is a mail server from the American company Ipswitch that runs on the Microsoft Windows operating system. IMail bundles an IMAP daemon (imapd32.exe) that allows users to access mail. 
ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption\n Vulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-07-042.html\nJuly 24, 2007\n\n-- CVE ID:\nCVE-2007-2795\n\n-- Affected Vendor:\nIpswitch\n\n-- Affected Products:\nIpswitch IMail\nIpswitch Collaboration Suite\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability since July 24, 2007 by Digital Vaccine protection\nfilter ID 5224. \n\n\n-- Vendor Response:\nIpswitch has issued an update to correct this vulnerability. More\ndetails can be found at:\n\n http://www.ipswitch.com/support/imail/releases/im200621.asp\n\n-- Disclosure Timeline:\n2007.02.26 - Vulnerability reported to vendor\n2007.07.24 - Digital Vaccine released to TippingPoint customers\n2007.07.24 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by Sebastian Apelt\n(webmaster@buzzworld.org).",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2795"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26157",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2795",
"trust": 4.4
},
{
"db": "ZDI",
"id": "ZDI-07-042",
"trust": 2.8
},
{
"db": "ZDI",
"id": "ZDI-07-043",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-166",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-179",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363",
"trust": 0.7
},
{
"db": "BID",
"id": "24962",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "58013",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "58012",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-66887",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81264",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "9662",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-26157",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"id": "VAR-200901-0467",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T22:57:36.360000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "im200621",
"trust": 2.2,
"url": "http://www.ipswitch.com/support/imail/releases/im200621.asp"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.ipswitch.com/support/imail/releases/im200621.asp"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-042/"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-043/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2795"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2795"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-042.html"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-043.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.3,
"url": "http://docs.ipswitch.com/imail%202006.21/releasenotes/imail_relnotes.htm#newrelease"
},
{
"trust": 0.3,
"url": "/archive/1/474040"
},
{
"trust": 0.3,
"url": "/archive/1/474552"
},
{
"trust": 0.3,
"url": "/archive/1/474553"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2795"
},
{
"trust": 0.2,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.2,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"date": "2009-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-26157"
},
{
"date": "2007-07-18T00:00:00",
"db": "BID",
"id": "24962"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"date": "2007-07-25T04:32:46",
"db": "PACKETSTORM",
"id": "58013"
},
{
"date": "2007-07-25T04:31:47",
"db": "PACKETSTORM",
"id": "58012"
},
{
"date": "2007-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"date": "2009-01-27T23:30:00.187000",
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"date": "2009-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-26157"
},
{
"date": "2016-07-05T21:38:00",
"db": "BID",
"id": "24962"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"date": "2009-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Multiple Buffer Overflow Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "24962"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
}
],
"trust": 0.6
}
}
VAR-199912-0146
Vulnerability from variot - Updated: 2025-04-03 22:42

Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. The encryption scheme used is weak and has been broken. The following description of the mechanism used is quoted from Matt Conover's post to Bugtraq, linked to in full in the Credits section.

ENCRYPTION SCHEME

Take the lowercase of the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Take each letter of the password, find its ASCII equivalent and add the offset (ASCII value of first char of the account name minus 97) then subtract the corresponding difference. Use the differences recursively if the password length is greater than the length of the account name. This gives you the character's new ASCII value. Next, look up the new ASCII value in the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt) and you now have the encrypted letter.

Example:
Account Name: mike
m = 109
i = 105
k = 107
e = 101
Differences:
First - First: 0
First - Second: 4
First - Third: 2
First - Fourth: 8
Unencrypted Password: rocks
r = 114
o = 111
c = 99
k = 107
s = 115
(ASCII value + offset) - difference:
offset: (109 - 97) = 12
(114 + 12) - 0 = 126
(111 + 12) - 4 = 119
(99 + 12) - 2 = 109
(107 + 12) - 8 = 111
(115 + 12) - 0 = 127
126 = DF
119 = D8
109 = CE
111 = D0
127 = E0
Encrypted Password: DFD8CED0E0

The decryption scheme is a little easier. First, like the encryption scheme, take the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Now split the encrypted password by two characters (e.g., EFDE = EF DE) then look up their ASCII equivalent within the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt). Take that ASCII value and add the corresponding difference. Look this value up in the ascii table. This table is made by taking the ASCII value of the first character of the account name and setting it equal to 'a'.

EXAMPLE
Account Name: mike
m = 109
i = 105
k = 107
e = 101
Differences:
First - First: 0
First - Second: 4
First - Third: 2
First - Fourth: 8
Encrypted Password: DFD8CED0E0
DF = 126
D8 = 119
CE = 109
D0 = 111
E0 = 127
Add Difference:
126 + 0 = 126
119 + 4 = 123
109 + 2 = 111
111 + 8 = 119
127 + 0 = 127
Look up in table (see http://www.w00w00.org/imail_map.txt):
126 = r
123 = o
111 = c
119 = k
127 = s
Unencrypted Password: rocks
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199912-0146",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq on December 21, 1999 by Matt Conover \u003cshok@cannabis.dataforce.net\u003e.",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
},
"cve": "CVE-1999-1497",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-1999-1497",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-1478",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1497",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-199912-063",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-1478",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. The encryption scheme used is weak and has been broken. The following description of the mechanism used is quoted from Matt Conover\u0027s post to Bugtraq, linked to in full in the Credits section. \nENCRYPTION SCHEME Take the lowercase of the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Take each letter of the password, find its ASCII equivalent and add the offset (ASCII value of first char of the account name minus 97) then subtract the corresponding difference. Use the differences recursively if the password length is greater than the length of the account name. This gives you the character\u0027s new ASCII value. Next, look up the new ASCII value in the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt) and you now have the encrypted letter. \nExample:\nAccount Name: mike\nm = 109\ni = 105\nk = 107\ne = 101\nDifferences:\nFirst - First: 0\nFirst - Second: 4\nFirst - Third: 2\nFirst - Fourth: 8\nUnencrypted Password: rocks\nr = 114\no = 111\nc = 99\nk = 107\ns = 115\n(ASCII value + offset) - difference:\noffset: (109 - 97) = 12\n(114 + 12) - 0 = 126\n(111 + 12) - 4 = 119\n(99 + 12) - 2 = 109\n(107 + 12) - 8 = 111\n(115 + 12) - 0 = 127\n126 = DF\n119 = D8\n109 = CE\n111 = D0\n127 = E0\nEncrypted Password: DFD8CED0E0\nThe decryption scheme is a little easier. First, like the encryption scheme, take the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Now split the encrypted password by two characters (e.g., EFDE = EF DE) then look up their ASCII equivalent within the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt). 
Take that ASCII value and add the corresponding difference. Look this value up in the ascii table. This table is made by taking the ASCII value of the first character of the account name and setting it equal to \u0027a\u0027. \nEXAMPLE\nAccount Name: mike\nm = 109\ni = 105\nk = 107\ne = 101\nDifferences:\nFirst - First: 0\nFirst - Second: 4\nFirst - Third: 2\nFirst - Fourth: 8\nEncrypted Password: DFD8CED0E0\nDF = 126\nD8 = 119\nCE = 109\nD0 = 111\nE0 = 127\nAdd Difference:\n126 + 0 = 126\n119 + 4 = 123\n109 + 2 = 111\n111 + 8 = 119\n127 + 0 = 127\nLook up in table (see http://www.w00w00.org/imail_map.txt):\n126 = r\n123 = o\n111 = c\n119 = k\n127 = s\nUnencrypted Password: rocks",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1497"
},
{
"db": "BID",
"id": "880"
},
{
"db": "VULHUB",
"id": "VHN-1478"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1478",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1497",
"trust": 2.0
},
{
"db": "BID",
"id": "880",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "19991221 [W00GIVING \u002799 #11] IMAIL\u0027S PASSWORD ENCRYPTION SCHEME",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "401",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "19683",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1478",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"id": "VAR-199912-0146",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:42:52.326000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/880"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/39329"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-12-21T00:00:00",
"db": "VULHUB",
"id": "VHN-1478"
},
{
"date": "1999-12-19T00:00:00",
"db": "BID",
"id": "880"
},
{
"date": "1999-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"date": "1999-12-21T05:00:00",
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-1478"
},
{
"date": "2009-07-11T01:56:00",
"db": "BID",
"id": "880"
},
{
"date": "2007-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail Weak Password Encryption Vulnerability",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
}
}
VAR-200505-0076
Vulnerability from variot - Updated: 2025-04-03 22:42

Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. The Ipswitch Collaboration Suite IMail IMAP service is reported prone to a buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks performed on arguments that are passed to the EXAMINE command. It is conjectured that a remote authenticated attacker may exploit this vulnerability to execute arbitrary code in the context of the affected service. Immediate consequences of a failed exploit attempt would be a denial of service due to the application crashing on an access violation. IMail Server versions 8.13 and earlier are reported prone to this vulnerability.
TITLE: Ipswitch Collaboration Suite IMAP EXAMINE Buffer Overflow
SECUNIA ADVISORY ID: SA14546
VERIFY ADVISORY: http://secunia.com/advisories/14546/
CRITICAL: Moderately critical
IMPACT: System access
WHERE: From remote
SOFTWARE: Ipswitch Collaboration Suite (ICS) 1.x http://secunia.com/product/4773/ IMail Server 8.x http://secunia.com/product/3048/
DESCRIPTION: Nico Steinhardt has reported a vulnerability in Ipswitch Collaboration Suite, which can be exploited by malicious users to compromise a vulnerable system.
SOLUTION: Apply IMail Server 8.15 Hotfix 1: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM815HF1.exe
PROVIDED AND/OR DISCOVERED BY: Nico Steinhardt
ORIGINAL ADVISORY: iDEFENSE: http://www.idefense.com/application/poi/display?id=216&type=vulnerabilities
I. BACKGROUND
Ipswitch Collaboration Suite (ICS) is a comprehensive communication and collaboration solution for Microsoft Windows with a customer base of over 53 million users. More information is available on the vendor's website:
http://www.ipswitch.com/products/IMail_Server/index.html
II. The EXAMINE command selects a mailbox so that messages within the mailbox may be accessed with read-only privileges. EXAMINE requests with malformed mailbox names of 259 bytes will overwrite the saved stack frame pointer, resulting in potential process execution control. It should be noted that IMAP will append a '/' character to your supplied mailbox name so the most significant byte of the frame pointer will be 0x2e. The output below shows successful control of the frame pointer.
(668.f8): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.

eax=00000006 ebx=008943b0 ecx=42424242
edx=00c8fad4 esi=008943b0 edi=00000013
eip=0078626d esp=00c9fd20 ebp=2e434343
iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023
fs=0038 gs=0000 efl=00000246
0078626d ?? ???
Frame pointer overwrites may allow attackers to redirect program flow when the current function returns. It should be noted that the IMAP EXAMINE command is only available after successful authentication.
III. The EXAMINE IMAP command is only valid after authentication has occurred, however due to the nature of IMAP servers serving a large user base, this requirement only slightly reduces exposure to the vulnerability.
IV. DETECTION
iDEFENSE has confirmed that the IMAP4 daemon (IMAP4d32.exe ver. IMail Server is now packaged as part of Ipswitch Collaboration Suite.
V. WORKAROUND
Use application level content filtering on overly long IMAP commands.
VI. VENDOR RESPONSE
This vulnerability is addressed in IMail Server 8.15 Hotfix 1 (February 3, 2005), which is available for download at:
ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM815HF1.exe
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2005-0707 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
03/02/2005 Initial vendor notification
03/08/2005 Initial vendor response
03/10/2005 Public disclosure
IX. CREDIT
Nico Steinhardt is credited with this discovery.
X. LEGAL NOTICES
Copyright (c) 2005 iDEFENSE, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0076",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "collaboration suite",
"scope": "lte",
"trust": 1.0,
"vendor": "ipswitch",
"version": "8.15"
},
{
"model": "collaboration suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "8.15"
},
{
"model": "collaboration suite",
"scope": null,
"trust": 0.3,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.151"
}
],
"sources": [
{
"db": "BID",
"id": "12780"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nico Steinhardt iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0707",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2005-0707",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-11916",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0707",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-692",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-11916",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. The Ipswitch Collaboration Suite IMail IMAP service is reported prone to a buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks performed on arguments that are passed to the EXAMINE command. \nIt is conjectured that a remote authenticated attacker may exploit this vulnerability to execute arbitrary code in the context of the affected service. Immediate consequences of a failed exploit attempt would be a denial of service due to the application crashing on an access violation. \nIMail Server version 8.13 an earlier are reported prone to this vulnerability.",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0707"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
}
],
"trust": 1.44
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-11916",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0707",
"trust": 2.1
},
{
"db": "BID",
"id": "12780",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "14546",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1013410",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20050310 IPSWITCH COLLABORATION SUITE IMAP EXAMINE BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "19655",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "36591",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-11916",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36576",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"id": "VAR-200505-0076",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:42:41.958000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.idefense.com/application/poi/display?id=216\u0026type=vulnerabilities"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/12780"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1013410"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/14546"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19655"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/19655"
},
{
"trust": 0.3,
"url": "/archive/1/392871"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=216\u0026amp;type=vulnerabilities"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3048/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14546/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4773/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?f=l"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0707"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-11916"
},
{
"date": "2005-03-10T00:00:00",
"db": "BID",
"id": "12780"
},
{
"date": "2005-03-15T07:30:59",
"db": "PACKETSTORM",
"id": "36576"
},
{
"date": "2005-03-15T07:43:28",
"db": "PACKETSTORM",
"id": "36591"
},
{
"date": "2005-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-11916"
},
{
"date": "2009-07-12T10:56:00",
"db": "BID",
"id": "12780"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch Collaboration Suite IMAP EXAMINE Command buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
}
}
VAR-199903-0051
Vulnerability from variot - Updated: 2025-04-03 22:42
IMail POP3 daemon uses weak encryption, which allows local users to read files. IMail is prone to a local security vulnerability.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199903-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "88240"
}
],
"trust": 0.3
},
"cve": "CVE-2000-0019",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2000-0019",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-1598",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0019",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-199903-024",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-1598",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2000-0019",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail POP3 daemon uses weak encryption, which allows local users to read files. IMail is prone to a local security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0019"
},
{
"db": "BID",
"id": "88240"
},
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0019",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024",
"trust": 0.7
},
{
"db": "BID",
"id": "88240",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-1598",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2000-0019",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "BID",
"id": "88240"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"id": "VAR-199903-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:42:01.691000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/cve-2000-0019"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2000-0019"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/88240"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "BID",
"id": "88240"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-1598"
},
{
"date": "1999-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"date": "1999-03-04T00:00:00",
"db": "BID",
"id": "88240"
},
{
"date": "1999-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"date": "1999-03-04T05:00:00",
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-1598"
},
{
"date": "2022-08-17T00:00:00",
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"date": "1999-03-04T00:00:00",
"db": "BID",
"id": "88240"
},
{
"date": "2022-08-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "88240"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail POP3 daemon Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
}
],
"trust": 0.6
}
}
VAR-200412-1061
Vulnerability from variot - Updated: 2025-04-03 22:40

Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. Ipswitch IMail is reported prone to a remote buffer overflow vulnerability. This issue exists due to insufficient boundary checks performed by the application. Ipswitch IMail 8.13 is reported prone to this vulnerability. It is possible that other versions are affected as well. Ipswitch IMail Server is a powerful email solution. Ipswitch IMail Server handles the DELETE command incorrectly
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-1061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.13"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
}
],
"sources": [
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jerome\u203b jerome@athias.fr",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1520",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2004-1520",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-9950",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1520",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-722",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9950",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. Ipswitch IMail is reported prone to a remote buffer overflow vulnerability. This issue exists due to insufficient boundary checks performed by the application. \nIpswitch IMail 8.13 is reported prone to this vulnerability. It is possible that other versions are affected as well. Ipswitch IMail Server is a powerful email solution. Ipswitch IMail Server handles the DELETE command incorrectly",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1520"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "VULHUB",
"id": "VHN-9950"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9950",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11675",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1520",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "13200",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722",
"trust": 0.7
},
{
"db": "XF",
"id": "18058",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "7108",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20041112 IPSWITCH-IMAIL-8.13 STACK OVERFLOW IN THE DELETE COMMAND",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-70993",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-70991",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16479",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "627",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "1151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83023",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82989",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9950",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"id": "VAR-200412-1061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:40:37.292000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11675"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13200"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18058"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=110037283803560\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18058"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110037283803560\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/7108"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im814.html"
},
{
"trust": 0.3,
"url": "/archive/1/381027"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=110037283803560\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-9950"
},
{
"date": "2004-11-13T00:00:00",
"db": "BID",
"id": "11675"
},
{
"date": "2004-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9950"
},
{
"date": "2004-11-13T00:00:00",
"db": "BID",
"id": "11675"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail 8.13 Remotely DELETE Command buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.9
}
}
VAR-200112-0166
Vulnerability from variot - Updated: 2025-04-03 22:40

Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. IMail also includes support for multiple domains, and web-based administration. It runs on Microsoft Windows platforms. There is a vulnerability with the authentication process for this web administration tool. Any valid administrator account may make changes to any domain on the server. IPSwitch IMail is a popular web-based mail retrieval program used by many ISPs. Attackers can list, view, add, and delete other domains arbitrarily. User aliases and mailing lists for
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200112-0166",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.1"
}
],
"sources": [
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zeeshan Mustafa\u203b security@zeeshan.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
},
"cve": "CVE-2001-1211",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1211",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4016",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1211",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200112-158",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4016",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. IMail also includes support for multiple domains, and web based administration. It runs on Microsoft Windows platforms. \nThere is a vulnerability with the authentication process for this web administration tool. Any valid administrator account may make changes to any domain on the server. IPSwitch IMail is a popular web-based mail retrieval program used by many ISPs. Attackers can list, view, add, and delete other domains arbitrarily. User aliases and mailing lists for ",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1211"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "VULHUB",
"id": "VHN-4016"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3766",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1211",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158",
"trust": 0.7
},
{
"db": "XF",
"id": "7752",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011231 IMAIL WEB SERVICE USER ALIASES / MAILING LISTS ADMIN VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4016",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"id": "VAR-200112-0166",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:40:00.336000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3766"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/247786"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20011219-dm01.htm"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20020301-dm02.htm"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/7752.php"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-4016"
},
{
"date": "2001-12-31T00:00:00",
"db": "BID",
"id": "3766"
},
{
"date": "2001-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"date": "2001-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-4016"
},
{
"date": "2009-07-11T09:56:00",
"db": "BID",
"id": "3766"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Domain Management Authority Boost Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
}
}
VAR-200010-0032
Vulnerability from variot - Updated: 2025-04-03 22:39

The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. IPSWITCH ships a product titled IMail, an email server for usage on NT servers serving clients their mail via a web interface. To this end the IMail server provides a web server typically running on port 8383 for its end users to access. Via this interface users may read and send mail, as well as mail with file attachments. Certain versions of IMail do not perform proper access validation, however, resulting in users being able to attach files resident on the server. The net result of this is users may attach files on the server to which they should have no access. This access is limited to the user privileges which the server is being run as, typically SYSTEM. It should be noted that once a user attaches the files in question the server deletes them
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200010-0032",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was discovered and reported by Timescape \u003cvellad@kattare.com\u003e.\n\n This advisory was drafted with the help of the SecurityFocus.com Vulnerability Help Team. For more information or assistance drafting advisories please mail vulnhelp@securi",
"sources": [
{
"db": "BID",
"id": "1617"
}
],
"trust": 0.3
},
"cve": "CVE-2000-0780",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0780",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-2357",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0780",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200010-093",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-2357",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. IPSWITCH ships a product titled IMail, an email server for usage on NT servers serving clients their mail via a web interface. To this end the IMail server provides a web server typically running on port 8383 for it\u0027s end users to access. Via this interface users may read and send mail, as well as mail with file attachments. Certain versions of IMail do not perform proper access validation however resulting in users being able to attach files resident on the server. The net result of this is users may attach files on the server to which they should have no access. This access is limited to the user privileges which the server is being run as, typically SYSTEM. \nIt should be noted that once a user attachs the files in question the server deletes them",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0780"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "VULHUB",
"id": "VHN-2357"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-2357",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "1617",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0780",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000830 VULNERABILITY REPORT ON IPSWITCH\u0027S IMAIL",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20182",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-74070",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-2357",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"id": "VAR-200010-0032",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:11.654000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/1617"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=96767207207553\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=96767207207553\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-10-20T00:00:00",
"db": "VULHUB",
"id": "VHN-2357"
},
{
"date": "2000-08-30T00:00:00",
"db": "BID",
"id": "1617"
},
{
"date": "2000-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"date": "2000-10-20T04:00:00",
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-2357"
},
{
"date": "2000-08-30T00:00:00",
"db": "BID",
"id": "1617"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSWITCH IMail web Server vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
}
],
"trust": 0.6
}
}
VAR-200412-0343
Vulnerability from variot - Updated: 2025-04-03 22:39
Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. These vulnerabilities allow a remote attacker to crash the affected application, denying service to legitimate users. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. Versions of the application prior to 8.13 are reported affected by these vulnerabilities.
TITLE: IMail Multiple Denial of Service Vulnerabilities
SECUNIA ADVISORY ID: SA12453
VERIFY ADVISORY: http://secunia.com/advisories/12453/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE: From remote
SOFTWARE: IMail Server 8.x http://secunia.com/product/3048/
DESCRIPTION: Various vulnerabilities have been reported in IMail, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
2) An unspecified error within the Web Calendaring can potentially be exploited to cause a crash when a calendar entry containing certain content is viewed.
SOLUTION: Apply IMail Server 8.13 patch. http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://support.ipswitch.com/kb/IM-20040902-DM01.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0343",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
}
],
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2422",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-2422",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10850",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-2422",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-1106",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10850",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. \nThese vulnerabilities allow a remote attacker to crash the affected application, denying service to legitimate users. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. \nVersions of the application prior to 8.13 are reported affected by these vulnerabilities. \nTITLE:\nIMail Multiple Denial of Service Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA12453\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/12453/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIMail Server 8.x\nhttp://secunia.com/product/3048/\n\nDESCRIPTION:\nVarious vulnerabilities have been reported in IMail, which\npotentially can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\n2) An unspecified error within the Web Calendaring can potentially be\nexploited to cause a crash when a calender entry containing certain\ncontent is viewed. \n\nSOLUTION:\nApply IMail Server 8.13 patch. \nhttp://www.ipswitch.com/support/imail/releases/imail_professional/im813.html\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://support.ipswitch.com/kb/IM-20040902-DM01.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2422"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "PACKETSTORM",
"id": "34264"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11106",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "12453",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2004-2422",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "9554",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "9552",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1011146",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106",
"trust": 0.7
},
{
"db": "XF",
"id": "17222",
"trust": 0.6
},
{
"db": "XF",
"id": "17219",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10850",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "34264",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"id": "VAR-200412-0343",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:05.360000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11106"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm#fixes"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/9552"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/9554"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1011146"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12453"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17219"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17222"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17222"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17219"
},
{
"trust": 0.4,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3048/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/12453/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10850"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2004-09-09T06:47:23",
"db": "PACKETSTORM",
"id": "34264"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10850"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Multiple Buffer Overflow Denial Of Service Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.9
}
}
VAR-200412-0389
Vulnerability from variot - Updated: 2025-04-03 22:39
Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content.". It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. Versions of the application prior to 8.13 are reported affected by these vulnerabilities.
TITLE: IMail Multiple Denial of Service Vulnerabilities
SECUNIA ADVISORY ID: SA12453
VERIFY ADVISORY: http://secunia.com/advisories/12453/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE: From remote
SOFTWARE: IMail Server 8.x http://secunia.com/product/3048/
DESCRIPTION: Various vulnerabilities have been reported in IMail, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
1) An unspecified error within the Queue Manager can be exploited to cause a crash via an overly long sender field.
3) An unspecified error within the Web Messaging can potentially be exploited to cause a crash via an overly long "To:" line.
SOLUTION: Apply IMail Server 8.13 patch. http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://support.ipswitch.com/kb/IM-20040902-DM01.htm
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0389",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
}
],
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2423",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-2423",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10851",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-2423",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-160",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10851",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via \"specific content.\". It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. \nVersions of the application prior to 8.13 are reported affected by these vulnerabilities. \nTITLE:\nIMail Multiple Denial of Service Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA12453\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/12453/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIMail Server 8.x\nhttp://secunia.com/product/3048/\n\nDESCRIPTION:\nVarious vulnerabilities have been reported in IMail, which\npotentially can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\n1) An unspecified error within the Queue Manager can be exploited to\ncause a crash via an overly long sender field. \n\n3) An unspecified error within the Web Messaging can potentially be\nexploited to cause a crash via an overly long \"To:\" line. \n\nSOLUTION:\nApply IMail Server 8.13 patch. \nhttp://www.ipswitch.com/support/imail/releases/imail_professional/im813.html\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://support.ipswitch.com/kb/IM-20040902-DM01.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. 
\nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2423"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "PACKETSTORM",
"id": "34264"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11106",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "12453",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "9553",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2004-2423",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1011146",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160",
"trust": 0.7
},
{
"db": "XF",
"id": "17220",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10851",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "34264",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"id": "VAR-200412-0389",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:05.330000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11106"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm#fixes"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/9553"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1011146"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12453"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17220"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17220"
},
{
"trust": 0.4,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3048/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/12453/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10851"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2004-09-09T06:47:23",
"db": "PACKETSTORM",
"id": "34264"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10851"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Multiple Buffer Overflow Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.9
}
}
VAR-200609-0308
Vulnerability from variot - Updated: 2025-04-03 22:37
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character. The Ipswitch IMail Server is vulnerable to a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SMTP daemon. A lack of bounds checking during the parsing of long strings contained within the characters '@' and ':' leads to a stack overflow vulnerability. Exploitation can result in code execution or a denial of service. Ipswitch IMail Server and Collaboration Suite are prone to a stack-overflow vulnerability. Updates are available. Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure are vulnerable. Ipswitch IMail Server is a mail server from the American company Ipswitch that runs on the Microsoft Windows operating system.
TITLE: Ipswitch IMail Server SMTP Service Unspecified Vulnerability
SECUNIA ADVISORY ID: SA21795
VERIFY ADVISORY: http://secunia.com/advisories/21795/
CRITICAL: Highly critical
IMPACT: System access
WHERE: From remote
SOFTWARE: Ipswitch Collaboration Suite 2006 http://secunia.com/product/8652/ IMail Secure Server 2006 http://secunia.com/product/8651/ IMail Server 2006 http://secunia.com/product/8653/
DESCRIPTION: A vulnerability has been reported in IMail Server, which can be exploited by malicious people to compromise a vulnerable system.
ORIGINAL ADVISORY: http://www.ipswitch.com/support/ics/updates/ics20061.asp http://www.ipswitch.com/support/imail/releases/im20061.asp
ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow
http://www.zerodayinitiative.com/advisories/ZDI-06-028.html
September 7, 2006
-- CVE ID: CVE-2006-4379
-- Affected Vendor: Ipswitch
-- Affected Products: ICS/IMail Server 2006
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability since August 31, 2006 by Digital Vaccine protection filter ID 4496.
-- Vendor Response: Ipswitch has issued an update, version 2006.1, to correct this vulnerability. More details can be found at:
http://www.ipswitch.com/support/imail/releases/im20061.asp
-- Disclosure Timeline: 2006.06.22 - Vulnerability reported to vendor 2006.08.31 - Digital Vaccine released to TippingPoint customers 2006.09.07 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by an anonymous researcher.
{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "imail secure server",
"scope": "eq",
"trust": 2.7,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "imail plus",
"scope": "eq",
"trust": 2.4,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "collaboration suite",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006_premium"
},
{
"_id": null,
"model": "collaboration suite",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006_standard"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"_id": null,
"model": "collaboration suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": "2006 suite premium and standard editions"
},
{
"_id": null,
"model": "imail",
"scope": null,
"trust": 0.7,
"vendor": "ipswitch",
"version": null
},
{
"_id": null,
"model": "collaboration suite standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "collaboration suite premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "imail server",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "imail plus",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "0"
},
{
"_id": null,
"model": "collaboration suite standard edition",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"_id": null,
"model": "collaboration suite premium edition",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"_id": null,
"model": "imail server",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "BID",
"id": "19885"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail_plus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ipswitch:imail_secure_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ipswitch:ipswitch_collaboration_suite",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-06-028"
}
],
"trust": 0.7
},
"cve": "CVE-2006-4379",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2006-4379",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-20487",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4379",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#542197",
"trust": 0.8,
"value": "12.86"
},
{
"author": "NVD",
"id": "CVE-2006-4379",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-20487",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"description": {
"_id": null,
"data": "Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an \u0027@\u0027 character and before a \u0027:\u0027 character. The Ipswitch IMail Server is vulnerable to a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Authentication is not required to exploit this vulnerability.The specific flaw exists within the SMTP daemon. A lack of bounds checking during the parsing of long strings contained within the characters \u0027@\u0027 and \u0027:\u0027 leads to a stack overflow vulnerability. Exploitation can result in code execution or a denial of service. Ipswitch IMail Server and Collaboration Suite are prone to a stack-overflow vulnerability. Updates are available. \nIpswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure are vulnerable. Ipswitch IMail Server is an American Ipswitch company\u0027s mail server running on the Microsoft Windows operating system. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. 
\n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch IMail Server SMTP Service Unspecified Vulnerability\n\nSECUNIA ADVISORY ID:\nSA21795\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21795/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIpswitch Collaboration Suite 2006\nhttp://secunia.com/product/8652/\nIMail Secure Server 2006\nhttp://secunia.com/product/8651/\nIMail Server 2006\nhttp://secunia.com/product/8653/\n\nDESCRIPTION:\nA vulnerability has been reported in IMail Server, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nORIGINAL ADVISORY:\nhttp://www.ipswitch.com/support/ics/updates/ics20061.asp\nhttp://www.ipswitch.com/support/imail/releases/im20061.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. 
ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow\nhttp://www.zerodayinitiative.com/advisories/ZDI-06-028.html\nSeptember 7, 2006\n\n-- CVE ID:\nCVE-2006-4379\n\n-- Affected Vendor:\nIpswitch\n\n-- Affected Products:\nICS/IMail Server 2006\n\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability since August 31, 2006 by Digital Vaccine protection\nfilter ID 4496. \n\n-- Vendor Response:\nIpswitch has issued an update, version 2006.1, to correct this\nvulnerability. More details can be found at:\n\nhttp://www.ipswitch.com/support/imail/releases/im20061.asp\n\n-- Disclosure Timeline:\n2006.06.22 - Vulnerability reported to vendor\n2006.08.31 - Digital Vaccine released to TippingPoint customers\n2006.09.07 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by an anonymous researcher. \n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, a division of 3Com, The Zero Day Initiative\n(ZDI) represents a best-of-breed model for rewarding security\nresearchers for responsibly disclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is used. \n3Com does not re-sell the vulnerability details or any exploit code. \nInstead, upon notifying the affected product vendor, 3Com provides its\ncustomers with zero day protection through its intrusion prevention\ntechnology. Explicit details regarding the specifics of the\nvulnerability are not exposed to any parties until an official vendor\npatch is publicly available. 
Furthermore, with the altruistic aim of\nhelping to secure a broader user base, 3Com provides this vulnerability\ninformation confidentially to security vendors (including competitors)\nwho have a vulnerability protection or mitigation product",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4379"
},
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "BID",
"id": "19885"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "PACKETSTORM",
"id": "49786"
},
{
"db": "PACKETSTORM",
"id": "49828"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-20487",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-20487"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2006-4379",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "21795",
"trust": 2.6
},
{
"db": "ZDI",
"id": "ZDI-06-028",
"trust": 2.5
},
{
"db": "BID",
"id": "19885",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3496",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1016803",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1016804",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#542197",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-067",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20060907 ZDI-06-028: IPSWITCH COLLABORATION SUITE SMTP SERVER STACK OVERFLOW",
"trust": 0.6
},
{
"db": "XF",
"id": "28789",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "49828",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "3264",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "2601",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "3265",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-20487",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "49786",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "BID",
"id": "19885"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "PACKETSTORM",
"id": "49786"
},
{
"db": "PACKETSTORM",
"id": "49828"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"id": "VAR-200609-0308",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20487"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:37:21.918000Z",
"patch": {
"_id": null,
"data": [
{
"title": "im20061",
"trust": 1.5,
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.4,
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
},
{
"trust": 2.6,
"url": "http://www.ipswitch.com/support/ics/updates/ics20061.asp"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-06-028.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19885"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016803"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016804"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21795"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/445521/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/3496"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28789"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/21795/"
},
{
"trust": 0.8,
"url": "http://www.mail-archive.com/imail_forum@list.ipswitch.com/msg108403.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4379"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4379"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3496"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/28789"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/445521/100/0/threaded"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8653/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8651/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8652/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4379"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "PACKETSTORM",
"id": "49786"
},
{
"db": "PACKETSTORM",
"id": "49828"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#542197",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-06-028",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-20487",
"ident": null
},
{
"db": "BID",
"id": "19885",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "49786",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "49828",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2006-4379",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-12-07T00:00:00",
"db": "CERT/CC",
"id": "VU#542197",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-06-028",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20487",
"ident": null
},
{
"date": "2006-09-07T00:00:00",
"db": "BID",
"id": "19885",
"ident": null
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"ident": null
},
{
"date": "2006-09-08T05:23:41",
"db": "PACKETSTORM",
"id": "49786",
"ident": null
},
{
"date": "2006-09-08T06:50:37",
"db": "PACKETSTORM",
"id": "49828",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-136",
"ident": null
},
{
"date": "2006-09-08T21:04:00",
"db": "NVD",
"id": "CVE-2006-4379",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2006-12-07T00:00:00",
"db": "CERT/CC",
"id": "VU#542197",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-06-028",
"ident": null
},
{
"date": "2018-10-17T00:00:00",
"db": "VULHUB",
"id": "VHN-20487",
"ident": null
},
{
"date": "2007-02-05T16:18:00",
"db": "BID",
"id": "19885",
"ident": null
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"ident": null
},
{
"date": "2006-09-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-136",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-4379",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "49828"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "The Ipswitch IMail Server is vulnerable to a buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
}
],
"trust": 0.6
}
}
VAR-200011-0041
Vulnerability from variot - Updated: 2025-04-03 22:36
Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. IPSwitch IMail is an e-mail server which provides WWW (HTTP) E-mail services. By default this web service resides on port 8181 or 8383. Sending an HTTP request with an extremely long "HOST" field multiple times can cause the system hosting the service to become unresponsive. Each long request "kills" a thread without freeing up the memory used by it. By repeating this request, the system's resources can be used up completely. Ipswitch Imail 6.0 is vulnerable.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200011-0041",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.00"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was revealed in an eEye advisory (#AD20000817) dated August 17, 2000.",
"sources": [
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.9
},
"cve": "CVE-2000-0825",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0825",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-2395",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0825",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200011-049",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-2395",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. IPSwitch IMail is an e-mail server which provides WWW (HTTP) E-mail services. By default this web service resides on port 8181 or 8383. Sending an HTTP request with an extremely long \"HOST\" field multiple times can cause the system hosting the service to become unresponsive. Each long request \"kills\" a thread without freeing up the memory used by it. By repeating this request, the system\u0027s resources can be used up completely. Ipswitch Imail 6.0 is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0825"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "VULHUB",
"id": "VHN-2395"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "2011",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0825",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000817 IMAIL WEB SERVICE REMOTE DOS ATTACK V.2",
"trust": 0.6
},
{
"db": "XF",
"id": "5475",
"trust": 0.6
},
{
"db": "NTBUGTRAQ",
"id": "20000817 IMAIL WEB SERVICE REMOTE DOS ATTACK V.2",
"trust": 0.6
},
{
"db": "WIN2KSEC",
"id": "20000817 IMAIL WEB SERVICE REMOTE DOS ATTACK V.2",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2395",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"id": "VAR-200011-0041",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:36:29.311000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/2011"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0071.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=96659012127444\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=ntbugtraq\u0026m=96654521004571\u0026w=2"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5475"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/5475.php"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=ntbugtraq\u0026m=96654521004571\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=96659012127444\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-2395"
},
{
"date": "2000-08-17T00:00:00",
"db": "BID",
"id": "2011"
},
{
"date": "2000-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"date": "2000-11-14T05:00:00",
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-2395"
},
{
"date": "2000-08-17T00:00:00",
"db": "BID",
"id": "2011"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Web service\" HOST Denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.9
}
}
VAR-200507-0067
Vulnerability from variot - Updated: 2025-04-03 22:36
IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information. IMail is prone to an information disclosure vulnerability. IMAIL is an email system including WebMail.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200507-0067",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "2006"
}
],
"sources": [
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89792"
}
],
"trust": 0.3
},
"cve": "CVE-2005-2160",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2005-2160",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-13369",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2005-2160",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-2160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200507-061",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-13369",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information. IMail is prone to a information disclosure vulnerability. IMAIL is an email system including WebMail",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2160"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "VULHUB",
"id": "VHN-13369"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-2160",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20050705 IMAIL COOKIE VULNERABILITY (UNHASHED)",
"trust": 0.6
},
{
"db": "BID",
"id": "89792",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-13369",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"id": "VAR-200507-0067",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:36:13.187000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-312",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=112060187204457\u0026w=2"
},
{
"trust": 0.9,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=112060187204457\u0026w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=112060187204457\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-06T00:00:00",
"db": "VULHUB",
"id": "VHN-13369"
},
{
"date": "2005-07-06T00:00:00",
"db": "BID",
"id": "89792"
},
{
"date": "2005-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"date": "2005-07-06T04:00:00",
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-13369"
},
{
"date": "2005-07-06T00:00:00",
"db": "BID",
"id": "89792"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch Imail cookie Information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
}
],
"trust": 0.6
}
}
VAR-200411-0057
Vulnerability from variot - Updated: 2025-04-03 22:35
Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. Ipswitch IMail from Ipswitch, Inc. contains unspecified vulnerabilities. The Ipswitch LDAP daemon has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists due to a lack of sufficient boundary checks performed on user-supplied LDAP tags. When attacker-supplied data containing large LDAP tags is processed by the affected service, a stack-based buffer overflow condition will be triggered. A remote attacker may exploit this condition to execute arbitrary instructions in the security context of the affected service. Ipswitch IMail server is a web-based mail solution. The Ipswitch LDAP daemon does not adequately check user-supplied LDAP tokens. The LDAP message is composed of the length and content of the tag. The following tags 0x02 0x03 0x0A 0x25 0xBD represent integers 665, 501 (0xA25BD). If the length tag provided by the attacker is too long, the user-supplied data is copied according to that tag length when the message is processed. Because bounds checks are insufficient, the copy may overwrite memory addresses on the stack at the following instruction: .text: 00401188 mov byte ptr [ebp+ecx+var_4], dl. Carefully crafted data may then execute arbitrary instructions on the system with the privileges of the LDAP daemon process.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200411-0057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 2.7,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 2.7,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Labs\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0297",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0297",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-8727",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0297",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#972334",
"trust": 0.8,
"value": "38.48"
},
{
"author": "NVD",
"id": "CVE-2004-0297",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200411-149",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-8727",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. Ipswitch, Inc. of Ipswitch Imail Exists in unspecified vulnerabilities.None. The Ipswitch LDAP daemon has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists due to a lack of sufficient boundary checks performed on user supplied LDAP tags. When attacker-supplied data containing large LDAP tags is processed by the affected service, a stack based buffer overflow condition will be triggered. A remote attacker may exploit this condition to execute arbitrary instructions in the security context of the affected service. Ipswitch IMail server is a WEB-based mail solution. The Ipswitch LDAP daemon does not adequately check user-supplied LDAP tokens. The LDAP message is composed of the length and content of the tag. The following tags 0x02 0x03 0x0A 0x25 0xBD represent integers 665, 501 (0xA25BD). If the length tag provided by the attacker is too long, the data provided by the user will be copied according to the tag length when the program is processed. Lack of sufficient bounds checks, may overwrite the memory address in the stack due to the following assembly specification: .text: 00401188 mov byte ptr [ebp+ecx+var_4], dl Carefully submitted copy data may be executed on the system with LDAP daemon process privileges Arbitrary instructions",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0297"
},
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "VULHUB",
"id": "VHN-8727"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8727",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8727"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#972334",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2004-0297",
"trust": 3.3
},
{
"db": "BID",
"id": "9682",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "3984",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "10880",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20040217 IPSWITCH IMAIL LDAP DAEMON REMOTE BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "XF",
"id": "15243",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-71326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83017",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "157",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16824",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8727",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"id": "VAR-200411-0057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8727"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:35:00.354000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9682"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/972334"
},
{
"trust": 2.5,
"url": "http://www.idefense.com/application/poi/display?id=74"
},
{
"trust": 1.9,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15243"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im805hf2.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/3984"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=74\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/10880/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0297"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15243"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
},
{
"trust": 0.3,
"url": "/archive/1/354237"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#972334"
},
{
"date": "2004-11-23T00:00:00",
"db": "VULHUB",
"id": "VHN-8727"
},
{
"date": "2004-02-17T00:00:00",
"db": "BID",
"id": "9682"
},
{
"date": "2024-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"date": "2004-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"date": "2004-11-23T05:00:00",
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-03-19T00:00:00",
"db": "CERT/CC",
"id": "VU#972334"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-8727"
},
{
"date": "2004-02-17T00:00:00",
"db": "BID",
"id": "9682"
},
{
"date": "2024-05-31T10:31:00",
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"date": "2005-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail Server LDAP daemon buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
}
],
"trust": 0.6
}
}
VAR-200110-0113
Vulnerability from variot - Updated: 2025-04-03 22:30
Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP. Due to improper bounds checking, the Web Calendaring feature of IMail could allow the execution of arbitrary code with the privileges of SYSTEM. This is achievable by submitting a specially crafted GET request. Ipswitch IMail 7.04 and earlier versions have a buffer overflow vulnerability.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0113",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq in a Defcom Labs Advisory def-2001-29 on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1287",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1287",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4092",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1287",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-043",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4092",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. \nDue to improper bounds checking, the Web Calendaring feature of IMail could allow the execution of arbitrary code with the privileges of SYSTEM. This is achieveable by submitting a specially crafted GET request. Ipswitch IMail 7.04 and earlier versions have a buffer overflow vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1287"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "VULHUB",
"id": "VHN-4092"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-4092",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3431",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1287",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011012 DEF-2001-29",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "22458",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76260",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-4092",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"id": "VAR-200110-0113",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:30:57.108000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3431"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0083.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4092"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3431"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4092"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3431"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Web Calender Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.6
}
}
VAR-200004-0055
Vulnerability from variot - Updated: 2025-04-03 22:27
Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. Due to the implementation of IMail's authentication scheme, the server could be remotely forced to stop responding to login requests. If the client fails to terminate the connection, IMail will not be able to authenticate any other users, because it can only authorize one user at a time. Once the client times out the connection, IMail will regain normal functionality. Otherwise the service will have to be restarted.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200004-0055",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq on April 5, 2000 by Anthony Santen \u003canthony@santen.net\u003e.",
"sources": [
{
"db": "BID",
"id": "1094"
}
],
"trust": 0.3
},
"cve": "CVE-2000-0301",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0301",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-1880",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0301",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200004-008",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1880",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. Due to the implementation of IMail\u0027s authentication scheme, the server could be remotely forced to stop responding to login requests. If the client fails to terminate the connection, IMail will not be able to authenticate any other users due to the fact that it can only authorize one user at a time. \nOnce the client times out the connection, IMail will regain normal functionality. Otherwise the service will have to be restarted",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0301"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "VULHUB",
"id": "VHN-1880"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "1094",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0301",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000405 RE: IMAIL (IPSWITCH) DOS WITH EUDORA (QUALCOMM)",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-1880",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"id": "VAR-200004-0055",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:27:29.195000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://support.ipswitch.com/kb/im-20000208-dm02.htm"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/1094"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=95505800117143\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=95505800117143\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-1880"
},
{
"date": "2000-04-06T00:00:00",
"db": "BID",
"id": "1094"
},
{
"date": "2000-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"date": "2000-04-06T04:00:00",
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-1880"
},
{
"date": "2000-04-06T00:00:00",
"db": "BID",
"id": "1094"
},
{
"date": "2010-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMAIL server Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
}
],
"trust": 0.6
}
}
VAR-199902-0016
Vulnerability from variot - Updated: 2025-04-03 22:26
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. Non-administrative IMail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. A security vulnerability exists in IPswitch WS_FTP.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199902-0016",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.1.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.1.e"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.2"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
},
"cve": "CVE-1999-1171",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-1999-1171",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-1152",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1171",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-199902-007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1152",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920. Non-administrative Imail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. A security vulnerability exists in IPswitch WS_FTP",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1171"
},
{
"db": "BID",
"id": "218"
},
{
"db": "VULHUB",
"id": "VHN-1152"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1152",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1171",
"trust": 2.0
},
{
"db": "BID",
"id": "218",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "19167",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1152",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"id": "VAR-199902-0016",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:30.666000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/218"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=ntbugtraq\u0026m=91816507920544\u0026w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=ntbugtraq\u0026amp;m=91816507920544\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-02-02T00:00:00",
"db": "VULHUB",
"id": "VHN-1152"
},
{
"date": "1999-02-04T00:00:00",
"db": "BID",
"id": "218"
},
{
"date": "1999-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"date": "1999-02-02T05:00:00",
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-1152"
},
{
"date": "2009-07-11T00:16:00",
"db": "BID",
"id": "218"
},
{
"date": "2020-01-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPswitch WS_FTP Service privilege expansion vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
}
}
VAR-199901-0009
Vulnerability from variot - Updated: 2025-04-03 22:26
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. Non-administrative IMail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. Progress Software IPswitch IMail is an email server from Progress Software, a company in the United States. A security vulnerability exists in Progress Software IPswitch IMail.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199901-0009",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.1.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.1.e"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.2"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
},
"cve": "CVE-1999-1170",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-1999-1170",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-1151",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1170",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-199901-025",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1151",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920. Non-administrative Imail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. Progress Software IPswitch IMail is an email server of Progress Software Company in the United States. A security vulnerability exists in Progress Software IPswitch IMail",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1170"
},
{
"db": "BID",
"id": "218"
},
{
"db": "VULHUB",
"id": "VHN-1151"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1151",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1170",
"trust": 2.0
},
{
"db": "BID",
"id": "218",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "19167",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1151",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"id": "VAR-199901-0009",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:30.642000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Progress Software IPswitch IMail Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106535"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/218"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=ntbugtraq\u0026m=91816507920544\u0026w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=ntbugtraq\u0026amp;m=91816507920544\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-01-02T00:00:00",
"db": "VULHUB",
"id": "VHN-1151"
},
{
"date": "1999-02-04T00:00:00",
"db": "BID",
"id": "218"
},
{
"date": "1999-01-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"date": "1999-01-02T05:00:00",
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-1151"
},
{
"date": "2009-07-11T00:16:00",
"db": "BID",
"id": "218"
},
{
"date": "2020-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progress Software IPswitch IMail Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
}
}
VAR-200110-0110
Vulnerability from variot - Updated: 2025-04-03 22:25
Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. If the attacker can anticipate a current valid session ID then they will be able to access webmail accounts without possessing a valid username/password. Session IDs are generated using alphanumeric characters. A number of the characters are static
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0110",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1284",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1284",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4089",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1284",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-041",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4089",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. If the attacker can anticipate a current valid session ID then they will be able to access webmail accounts without possessing a valid username/password. \nSession IDs are generated using alphanumeric characters. A number of the characters are static",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1284"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "VULHUB",
"id": "VHN-4089"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3428",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1284",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4089",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"id": "VAR-200110-0110",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:23.020000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3428"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4089"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3428"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4089"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3428"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Predictable Session ID Vulnerability",
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.9
}
}
VAR-200110-0108
Vulnerability from variot - Updated: 2025-04-03 22:25
Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. A vulnerability exists which may remotely disclose sensitive information about the host running IMail Server. The disclosed information may be used to maliciously map out the directory structure of the host, facilitating further "intelligent" attacks on the host
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0108",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1282",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1282",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4087",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1282",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-046",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-4087",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. \nA vulnerability exists which may remotely disclose sensitive information about the host running IMail Server. \nThe disclosed information may be used to maliciously map out the directory structure of the host, facilitating further \"intelligent\" attacks on the host",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1282"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "VULHUB",
"id": "VHN-4087"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3426",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1282",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4087",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"id": "VAR-200110-0108",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.996000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3426"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4087"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3426"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4087"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3426"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Path leak vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.9
}
}
VAR-200110-0112
Vulnerability from variot - Updated: 2025-04-03 22:25
Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. A vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. This is accomplished using directory traversal techniques while logged into the server with a valid session ID
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0112",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1286",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1286",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4091",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1286",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-044",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4091",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.04 and earlier stores a user\u0027s session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker\u0027s control. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. \nA vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. \nThis accomplished using directory traversal techniques while logged into the server with a valid session ID",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1286"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "VULHUB",
"id": "VHN-4091"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-1286",
"trust": 2.0
},
{
"db": "BID",
"id": "3432",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020310 IMAIL ACCOUNT HIJACK THROUGH THE WEB INTERFACE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4091",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"id": "VAR-200110-0112",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.972000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3432"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/261096"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4091"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3432"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4091"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3432"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail User Mailbox Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.6
}
}
VAR-200110-0109
Vulnerability from variot - Updated: 2025-04-03 22:25
The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. The IPSwitch IMail Server webmail interface is prone to a denial of service. The web interface will crash if a mailbox with a name that contains 248+ dots ('.') is accessed. If the webmail interface crashes then it must be restarted to regain normal functionality. CGI scripts that access mailboxes may also induce a denial of service in the same manner. Though it is unconfirmed, this issue may be caused by a buffer overflow. If this is the case, a possibility does exist that this issue may be exploited to execute arbitrary code on the host. (dot) or other characters, resulting in service denial (crash)
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0109",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1283",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1283",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4088",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1283",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-045",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4088",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. \nThe IPSwitch IMail Server webmail interface is prone to a denial of service. Theweb interface will crash if a mailbox with a name that contains 248+ dots(\u0027.\u0027) is accessed. If the webmail interface crashes then it must be restarted to regain normal functionality. CGI scripts that access mailboxes may also induce a denial of service in the same manner. \nThough it is unconfirmed, this issue may be caused by a buffer overflow. If thisis the case, a possibility does exist that this issue may be exploited to execute arbitrary code on the host. (dot) or other characters, resulting in service denial (crash)",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1283"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "VULHUB",
"id": "VHN-4088"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-1283",
"trust": 2.0
},
{
"db": "BID",
"id": "3427",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4088",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"id": "VAR-200110-0109",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.946000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3427"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4088"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3427"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4088"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3427"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Mailbox Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.6
}
}
VAR-200110-0111
Vulnerability from variot - Updated: 2025-04-03 22:25
Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. A vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. This is accomplished using directory traversal techniques while logged into the server with a valid session ID. Remote attackers use the .
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0111",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1285",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1285",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-4090",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1285",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-042",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-4090",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. \nA vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. \nThis accomplished using directory traversal techniques while logged into the server with a valid session ID. Remote attackers use the .",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1285"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "VULHUB",
"id": "VHN-4090"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-1285",
"trust": 2.0
},
{
"db": "BID",
"id": "3432",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4090",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"id": "VAR-200110-0111",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.921000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3432"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4090"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3432"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4090"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3432"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "pswitch Imail User Mailbox Disclosure Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.6
}
}
VAR-200210-0230
Vulnerability from variot - Updated: 2025-04-03 22:24
IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. It has been reported that such a transaction with the service results in a crash of the iwebcal service.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0230",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability discovery credited to \u003c2c79cbe14ac7d0b8472d3f129fa1df55@hush.com\u003e.",
"sources": [
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.9
},
"cve": "CVE-2002-1077",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1077",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5465",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1077",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-198",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5465",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. It has been reported that such a transaction with the service results in a crash of the iwebcal service",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1077"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "VULHUB",
"id": "VHN-5465"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5465",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5365",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1077",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198",
"trust": 0.7
},
{
"db": "XF",
"id": "9722",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020730 IPSWITCH IMAIL ADVISORY #2",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21673",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75496",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5465",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"id": "VAR-200210-0230",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:24:11.482000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5365"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0399.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9722.php"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-04T00:00:00",
"db": "VULHUB",
"id": "VHN-5465"
},
{
"date": "2002-07-30T00:00:00",
"db": "BID",
"id": "5365"
},
{
"date": "2002-10-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"date": "2002-10-04T04:00:00",
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5465"
},
{
"date": "2009-07-11T14:56:00",
"db": "BID",
"id": "5365"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail Web Calendar Incomplete Mail Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.9
}
}
VAR-200210-0229
Vulnerability from variot - Updated: 2025-04-03 22:22

Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. The web messaging server is vulnerable to a buffer overflow. When the server receives a request for HTTP version 1.0, and the total request is 96 bytes or greater, a buffer overflow occurs. This could result in the execution of attacker-supplied instructions, and potentially allow an attacker to gain local access.

** Ipswitch has reported they are unable to reproduce this issue. In addition, Ipswitch has stated that the supplied, third party patch may in fact open additional vulnerabilities in the product. Ipswitch suggests that users do not apply the supplied patch. IMail's Web Messaging daemon lacks proper checks for parameters when processing HTTP/1.0 GET requests. Remote attackers can exploit this vulnerability to perform buffer overflow attacks.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0229",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.12"
}
],
"sources": [
{
"db": "BID",
"id": "5323"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "2c79cbe14ac7d0b8472d3f129fa1df\u203b c79cbe14ac7d0b8472d3f129fa1df55@yahoo.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1076",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1076",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-5464",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1076",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-145",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-5464",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. \nThe web messaging server is vulnerable to a buffer overflow. When the server receives a request for HTTP version 1.0, and the total request is 96 bytes or greater, a buffer overflow occurs. This could result in the execution of attacker-supplied instructions, and potentially allow an attacker to gain local access. \n** Ipswitch has reported they are unable to reproduce this issue. In addition, Ipswitch has stated that the supplied, third party patch may in fact open additional vulnerabilities in the product. Ipswitch suggests that users do not apply the supplied patch. IMail\u0027s Web Messaging daemon lacks proper checks for parameters when processing HTTP/1.0 GET requests. Remote attackers can exploit this vulnerability to perform buffer overflow attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1076"
},
{
"db": "BID",
"id": "5323"
},
{
"db": "VULHUB",
"id": "VHN-5464"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5464",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5323",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1076",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020725 IPSWITCH IMAIL ADVISORY/EXPLOIT/PATCH",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020729 HOAX EXPLOIT",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020729 RE: HOAX EXPLOIT (2C79CBE14AC7D0B8472D3F129FA1DF55 RETURNS)",
"trust": 0.6
},
{
"db": "XF",
"id": "9679",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75478",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21654",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5464",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "BID",
"id": "5323"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"id": "VAR-200210-0229",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:22:03.686000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5323"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0326.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0363.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0368.html"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20020729-dm01.htm"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20020731-dm02.htm"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9679.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "BID",
"id": "5323"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-04T00:00:00",
"db": "VULHUB",
"id": "VHN-5464"
},
{
"date": "2002-07-26T00:00:00",
"db": "BID",
"id": "5323"
},
{
"date": "2002-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"date": "2002-10-04T04:00:00",
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5464"
},
{
"date": "2002-07-26T00:00:00",
"db": "BID",
"id": "5323"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail Web Messaging Daemon HTTP GET Remote buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
}
}