Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
122 vulnerabilities found for imail by ipswitch
VAR-201103-0114
Vulnerability from variot - Updated: 2026-03-09 23:25The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. An attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. The following vendors are affected: Ipswitch Kerio Postfix Qmail-TLS Oracle (note that the affected application is unknown) SCO Group spamdyke ISC. Postfix is a mail transfer agent used in Unix-like operating systems. The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 did not properly restrict I/ O buffering effect. ========================================================================== Ubuntu Security Notice USN-1113-1 April 18, 2011
postfix vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 9.10
- Ubuntu 8.04 LTS
- Ubuntu 6.06 LTS
Summary:
An attacker could send crafted input to Postfix and cause it to reveal confidential information. This issue only affected Ubuntu 6.06 LTS and 8.04 LTS. (CVE-2009-2939)
Wietse Venema discovered that Postfix incorrectly handled cleartext commands after TLS is in place. (CVE-2011-0411)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.10: postfix 2.7.1-1ubuntu0.1
Ubuntu 10.04 LTS: postfix 2.7.0-1ubuntu0.1
Ubuntu 9.10: postfix 2.6.5-3ubuntu0.1
Ubuntu 8.04 LTS: postfix 2.5.1-2ubuntu1.3
Ubuntu 6.06 LTS: postfix 2.2.10-1ubuntu0.3
In general, a standard system update will make all the necessary changes.
References: CVE-2009-2939, CVE-2011-0411
Package Information: https://launchpad.net/ubuntu/+source/postfix/2.7.1-1ubuntu0.1 https://launchpad.net/ubuntu/+source/postfix/2.7.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/postfix/2.6.5-3ubuntu0.1 https://launchpad.net/ubuntu/+source/postfix/2.5.1-2ubuntu1.3 https://launchpad.net/ubuntu/+source/postfix/2.2.10-1ubuntu0.3
.
CVE-2011-4130 ProFTPD uses a response pool after freeing it under exceptional conditions, possibly leading to remote code execution.
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
References:
http://www.postfix.org/CVE-2011-0411.html
Updated Packages:
Mandriva Linux 2009.0: ed4ae86475a00faaadbda5683ee496f5 2009.0/i586/pure-ftpd-1.0.21-8.1mdv2009.0.i586.rpm 0dea42dbd5958a0a4a4e8a47d020062a 2009.0/i586/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.i586.rpm 3f3c60fbe60ffa16a542ae78868042c1 2009.0/i586/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.i586.rpm 32f302505171f7d7801acec8e0aac0ab 2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: 9fbbd20ce659012dcef2ea534b3e065c 2009.0/x86_64/pure-ftpd-1.0.21-8.1mdv2009.0.x86_64.rpm d953ece1911ad4f744b5fe5f704c2e9e 2009.0/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.x86_64.rpm fd131923aa12607939a33ab0d5a47690 2009.0/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.x86_64.rpm 32f302505171f7d7801acec8e0aac0ab 2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm
Mandriva Linux 2010.0: 580032400f3f536b90509404bfa5ff50 2010.0/i586/pure-ftpd-1.0.22-1.1mdv2010.0.i586.rpm 05fe3428a8378f9c7e8282d9e62c9fdf 2010.0/i586/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.i586.rpm 8e63f703e071bf7f819b98cb96eeab1d 2010.0/i586/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.i586.rpm 5370b6f3148695cae7d37dd7a79c4158 2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 897957ada6eadf9e87bae3e26ff442fe 2010.0/x86_64/pure-ftpd-1.0.22-1.1mdv2010.0.x86_64.rpm add9ece828990b566192691992e43cc6 2010.0/x86_64/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.x86_64.rpm 6c82671449daf5c7b9d6e40c4c33939b 2010.0/x86_64/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.x86_64.rpm 5370b6f3148695cae7d37dd7a79c4158 2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm
Mandriva Linux 2010.1: 441c80d9c965274c99d34fce9a4bb6ca 2010.1/i586/pure-ftpd-1.0.29-2.1mdv2010.2.i586.rpm f73c5b101a3100fa5ccf7be95cb820c1 2010.1/i586/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.i586.rpm 1bf7c0076615559f213f9e90aabe1ee3 2010.1/i586/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.i586.rpm 77f0d44baa44e8abc0a5393154d1e347 2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64: 7f83617195a06fe87d4fe91f78256ea8 2010.1/x86_64/pure-ftpd-1.0.29-2.1mdv2010.2.x86_64.rpm d0428e106e4c4233a266b62b1208f63e 2010.1/x86_64/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.x86_64.rpm 04a2e708f8334b33fda7975f72c9afd0 2010.1/x86_64/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.x86_64.rpm 77f0d44baa44e8abc0a5393154d1e347 2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm
Corporate 4.0: 2054ec719cbd8c9be8ad7e9bc654f79e corporate/4.0/i586/pure-ftpd-1.0.20-7.1.20060mlcs4.i586.rpm 2614d3560204ffb498f6c49453442d05 corporate/4.0/i586/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.i586.rpm 1fb356298d6a5c4b50b6822e8dde3e0b corporate/4.0/i586/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.i586.rpm 63859bd845934e2d382fd2406a1fd9f7 corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b4d4edc6889d96135330b98057bf5396 corporate/4.0/x86_64/pure-ftpd-1.0.20-7.1.20060mlcs4.x86_64.rpm 99ffba7cc4e729a617ca45a10baa9125 corporate/4.0/x86_64/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.x86_64.rpm b84684dfd4166dcf6def917014355b76 corporate/4.0/x86_64/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.x86_64.rpm 63859bd845934e2d382fd2406a1fd9f7 corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 3e3694e0220ab4cfc55b3d0614443d5d mes5/i586/pure-ftpd-1.0.21-8.1mdvmes5.2.i586.rpm c281cdd9b6ab44f956802cbd9d327e36 mes5/i586/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.i586.rpm ab25c5522a053fddf570a7af29f79db7 mes5/i586/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.i586.rpm 71436d40f9fe4780edc71f326a71324c mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: dd4fbf6ccb18a342b91b2bdc07048fd9 mes5/x86_64/pure-ftpd-1.0.21-8.1mdvmes5.2.x86_64.rpm 70a0f49eaca5fd8f7a80967810fbfb7d mes5/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.x86_64.rpm 7e6c3b99218158806d3c747f781a449b mes5/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.x86_64.rpm 71436d40f9fe4780edc71f326a71324c mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201206-33
http://security.gentoo.org/
Severity: High Title: Postfix: Multiple vulnerabilities Date: June 25, 2012 Bugs: #358085, #366605 ID: 201206-33
Synopsis
A vulnerability has been found in Postfix, the worst of which possibly allowing remote code execution.
Background
Postfix is Wietse Venema=E2=80=99s mailer that attempts to be fast, easy = to administer, and secure, as an alternative to the widely-used Sendmail program.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 mail-mta/postfix < 2.7.4 >= 2.7.4
Description
A vulnerability have been discovered in Postfix. Please review the CVE identifier referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Postfix users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-mta/postfix-2.7.4"
References
[ 1 ] CVE-2011-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0411 [ 2 ] CVE-2011-1720 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1720
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201206-33.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . This is a writeup about a flaw that I found recently, and that existed in multiple implementations of SMTP (Simple Mail Transfer Protocol) over TLS (Transport Layer Security) including my Postfix open source mailserver. I give an overview of the problem and its impact, how to find out if a server is affected, fixes, and draw lessons about where we can expect similar problems. A time line is at the end.
For further reading: http://www.kb.cert.org/vuls/id/555316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0411 http://www.postfix.org/CVE-2011-0411.html (extended writeup)
Wietse
Problem overview and impact
The TLS protocol encrypts communication and protects it against modification by other parties. This protection exists only if a) software is free of flaws, and b) clients verify the server's TLS certificate, so that there can be no "man in the middle" (servers usually don't verify client certificates).
The problem discussed in this writeup is caused by a software flaw.
The injected commands could be used to steal the victim's email or SASL (Simple Authentication and Security Layer) username and password.
This is not as big a problem as it may appear to be. The reason is that many SMTP client applications don't verify server TLS certificates. These SMTP clients are always vulnerable to command injection and other attacks. Their TLS sessions are only encrypted but not protected.
A similar plaintext injection flaw may exist in the way SMTP clients handle SMTP-over-TLS server responses, but its impact is less interesting than the server-side flaw.
SMTP is not the only protocol with a mid-session switch from plaintext to TLS. Other examples are POP3, IMAP, NNTP and FTP. Implementations of these protocols may be affected by the same flaw as discussed here.
Demonstration
The problem is easy to demonstrate with a one-line change to the OpenSSL s_client command source code (I would prefer scripting, but having to install Perl CPAN modules and all their dependencies is more work than downloading a .tar.gz file from openssl.org, adding eight characters to one line, and doing "./config; make").
The OpenSSL s_client command can make a connection to servers that support straight TLS, SMTP over TLS, or a handful other protocols over TLS. The demonstration with SMTP over TLS involves a one-line change in the OpenSSL s_client source code (with OpenSSL 1.0.0, at line 1129 of file apps/s_client.c).
Old: BIO_printf(sbio,"STARTTLS\r\n"); New: BIO_printf(sbio,"STARTTLS\r\nRSET\r\n");
With this change, the s_client command sends the plaintext STARTTLS command ("let's turn on TLS") immediately followed by an RSET command (a relatively harmless protocol "reset"). Both commands are sent as plaintext in the same TCP/IP packet, and arrive together at the server. The "\r\n" are the carriage-return and newline characters; these are necessary to terminate an SMTP command.
When an SMTP server has the plaintext injection flaw, it reads the STARTTLS command first, switches to SMTP-over-TLS mode, and only then the server reads the RSET command. Note, the RSET command was transmitted during the plaintext SMTP phase when there is no protection, but the server reads the command as if it was received over the TLS-protected channel.
Thus, when the SMTP server has the flaw, the s_client command output will show two "250" SMTP server responses instead of one. The first "250" response is normal, and is present even when the server is not flawed. The second "250" response is for the RSET command, and indicates that the SMTP server has the plaintext injection flaw.
$ apps/openssl s_client -quiet -starttls smtp -connect server:port [some server TLS certificate details omitted] 250 some text here <=== Normal response, also with "good" server. 250 more text here <=== RSET response, only with flawed server.
Anatomy of the flaw: it's all about the plumbing
Whether a program may have the plaintext injection flaw depends on how it adjusts the plumbing, as it inserts the TLS protocol layer in-between the SMTP protocol layer and the O/S TCP/IP protocol layer. I illustrate this with examples from three open source MTAs: Postfix, Sendmail and Exim. The diagram below is best viewed with a fixed-width font, for example, from the Courier family.
Postfix MTA Sendmail MTA Exim MTA
before/after before/after before/after
switch to TLS switch to TLS switch to TLS
SMTP SMTP SMTP SMTP SMTP SMTP <= SMTP layer
|| || || || || ||
stream stream stream stream' || || buffers buffers buffers buffers' rw r'w' <= stream layer rw r'w' rw r'w' || || || || || || || || || TLS || TLS || TLS <= TLS layer || || || || || || O/S O/S O/S O/S O/S O/S <= TCP/IP layer
As shown in the diagram, both Postfix and Sendmail use an application- level stream abstraction, where each stream has properties such as read/write buffers, read/write functions (indicated with rw), and other properties that are omitted for brevity.
When Postfix switches to SMTP over TLS, it replaces the plaintext read/write functions (rw) with the TLS read/write functions (r'w'). Postfix does not modify any of the other stream properties including the read/write buffers. A patch for qmail that introduces TLS support uses the same approach. This approach of replacing only the stream read/write functions, but not the buffers or other stream properties, can introduce the plaintext injection flaw.
When Sendmail switches to SMTP over TLS, it replaces the entire stream, along with its read/write buffers and read/write functions. Exim, on the other hand, does not seem to have a stream abstraction like Postfix, Sendmail or qmail. Instead of replacing streams or stream properties, Exim replaces plaintext read/write functions with TLS read/write functions. Because of their program structure, Sendmail and Exim didn't suffer from the plaintext injection flaw.
Fixing the problem
There are two solutions to address the flaw, and both solutions can be used together.
- Report an error when unexpected plaintext is received after the STARTTLS command. As documented in RFC 3207, STARTTLS must be the last command in a pipelined group. If plaintext commands are received after STARTTLS, then that is a protocol violation.
This measure can also be implemented outside the MTA, for example in a protocol-aware firewall.
- If a program uses the same input buffer before and after the switch to TLS, it should discard the contents of the input buffer, just like it discards SMTP protocol information that it received during the plaintext protocol phase.
Conclusion
This plaintext injection problem is likely to recur when some development moves the plaintext-to-ciphertext switch outside the application: for example, into the kernel, into the local hardware, into a proxy, or into other infrastructure. This encourages applications to use the same application-level streams and buffers and read/write functions before and after the switch to ciphertext. When this migration happens, plaintext injection becomes once more a possibility.
Time line
Jan 5 2011: While finishing Postfix for its annual release, I found and fixed this flaw in the SMTP server and client implementations, where it had been sitting ever since TLS support was adopted.
Jan 6-10 2011: As we investigated the scope of the problem, Victor Duchovni (co-developer) discovered that other implementations were also affected including security providers and security appliances.
Jan 11 2011: Contact CERT/CC to help coordinate with the problem's resolution.
Mar 7 2011: Public announcement, and Postfix legacy release updates. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-2939 The postinst script grants the postfix user write access to /var/spool/postfix/pid, which might allow local users to conduct symlink attacks that overwrite arbitrary files.
CVE-2011-1720 A heap-based read-only buffer overflow allows malicious clients to crash the smtpd server process using a crafted SASL authentication request.
For the oldstable distribution (lenny), this problem has been fixed in version 2.5.5-1.1+lenny1.
For the stable distribution (squeeze), this problem has been fixed in version 2.7.1-1+squeeze1.
For the unstable distribution (sid), this problem has been fixed in version 2.8.0-1.
We recommend that you upgrade your postfix packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJNyXybAAoJEL97/wQC1SS+xb0H/igqYhOTtvO91deptOPyednw 5sBQPXGoo+RXeomLsJk8P6ezm7fEGTSl7GUEpNwS1qsqAPVnl9XAK6dOGFae1PbG 2L93eR6AKgKo60tp2On1Tf1c0HcD6yKiZ6J7C7nZ3E8+yZwSd1k6826ZUQ3gzKKW DTIu6w2CzzleK/bppWfhAvwvobHD6X1B16qklZfqw6H0C/QfMjM8ZXLCRv9Tq1TN jX1W4qeed7pr8r3pTJ9npzae7drqFLoVDi0tpGKi0UHEwgRma1AbDaI2BVmeblue YNRHg7H+TqfrUwN8iB64WrYvqnHCQfvViL8f0ML2uJXJf/lHby+vxPl6EGxAIoY= =yCCp -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006
OS X Lion v10.7.2 and Security Update 2011-006 is now available and addresses the following:
Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in Apache Description: Apache is updated to version 2.2.20 to address several vulnerabilities, the most serious of which may lead to a denial of service. CVE-2011-0419 does not affect OS X Lion systems. Further information is available via the Apache web site at http://httpd.apache.org/ CVE-ID CVE-2011-0419 CVE-2011-3192
Application Firewall Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Executing a binary with a maliciously crafted name may lead to arbitrary code execution with elevated privileges Description: A format string vulnerability existed in Application Firewall's debug logging. CVE-ID CVE-2011-0185 : an anonymous reporter
ATS Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution Description: A signedness issue existed in ATS' handling of Type 1 fonts. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3437
ATS Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution Description: An out of bounds memory access issue existed in ATS' handling of Type 1 fonts. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0229 : Will Dormann of the CERT/CC
ATS Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Applications which use the ATSFontDeactivate API may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in the ATSFontDeactivate API. CVE-ID CVE-2011-0230 : Steven Michaud of Mozilla
BIND Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in BIND 9.7.3 Description: Multiple denial of service issues existed in BIND 9.7.3. These issues are addressed by updating BIND to version 9.7.3-P3. CVE-ID CVE-2011-1910 CVE-2011-2464
BIND Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in BIND Description: Multiple denial of service issues existed in BIND. These issues are addressed by updating BIND to version 9.6-ESV-R4-P3. CVE-ID CVE-2009-4022 CVE-2010-0097 CVE-2010-3613 CVE-2010-3614 CVE-2011-1910 CVE-2011-2464
Certificate Trust Policy Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1. Impact: Root certificates have been updated Description: Several trusted certificates were added to the list of system roots. Several existing certificates were updated to their most recent version. The complete list of recognized system roots may be viewed via the Keychain Access application.
CFNetwork Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Safari may store cookies it is not configured to accept Description: A synchronization issue existed in CFNetwork's handling of cookie policies. Safari's cookie preferences may not be honored, allowing websites to set cookies that would be blocked were the preference enforced. This update addresses the issue through improved handling of cookie storage. CVE-ID CVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin C. Walker, and Stephen Creswell
CFNetwork Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of HTTP cookies. When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could incorrectly send the cookies for a domain to a server outside that domain. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook
CoreFoundation Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in CoreFoundation's handling of string tokenization. This issue does not affect OS X Lion systems. This update addresses the issue through improved bounds checking. CVE-ID CVE-2011-0259 : Apple
CoreMedia Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Visiting a maliciously crafted website may lead to the disclosure of video data from another site Description: A cross-origin issue existed in CoreMedia's handling of cross-site redirects. This issue is addressed through improved origin tracking. CVE-ID CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR)
CoreMedia Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of QuickTime movie files. These issues do not affect OS X Lion systems. CVE-ID CVE-2011-0224 : Apple
CoreProcesses Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A person with physical access to a system may partially bypass the screen lock Description: A system window, such as a VPN password prompt, that appeared while the screen was locked may have accepted keystrokes while the screen was locked. This issue is addressed by preventing system windows from requesting keystrokes while the screen is locked. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-0260 : Clint Tseng of the University of Washington, Michael Kobb, and Adam Kemp
CoreStorage Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Converting to FileVault does not erase all existing data Description: After enabling FileVault, approximately 250MB at the start of the volume was left unencrypted on the disk in an unused area. Only data which was present on the volume before FileVault was enabled was left unencrypted. This issue is addressed by erasing this area when enabling FileVault, and on the first use of an encrypted volume affected by this issue. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3212 : Judson Powers of ATC-NY
File Systems Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: An attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information Description: An issue existed in the handling of WebDAV volumes on HTTPS servers. If the server presented a certificate chain that could not be automatically verified, a warning was displayed and the connection was closed. If the user clicked the "Continue" button in the warning dialog, any certificate was accepted on the following connection to that server. An attacker in a privileged network position may have manipulated the connection to obtain sensitive information or take action on the server on the user's behalf. This update addresses the issue by validating that the certificate received on the second connection is the same certificate originally presented to the user. CVE-ID CVE-2011-3213 : Apple
IOGraphics Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: A person with physical access may be able to bypass the screen lock Description: An issue existed with the screen lock when used with Apple Cinema Displays. When a password is required to wake from sleep, a person with physical access may be able to access the system without entering a password if the system is in display sleep mode. This update addresses the issue by ensuring that the lock screen is correctly activated in display sleep mode. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3214 : Apple
iChat Server Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A remote attacker may cause the Jabber server to consume system resources disproportionately Description: An issue existed in the handling of XML external entities in jabberd2, a server for the Extensible Messaging and Presence Protocol (XMPP). jabberd2 expands external entities in incoming requests. This allows an attacker to consume system resources very quickly, denying service to legitimate users of the server. This update addresses the issue by disabling entity expansion in incoming requests. CVE-ID CVE-2011-1755
Kernel Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A person with physical access may be able to access the user's password Description: A logic error in the kernel's DMA protection permitted firewire DMA at loginwindow, boot, and shutdown, although not at screen lock. This update addresses the issue by preventing firewire DMA at all states where the user is not logged in. CVE-ID CVE-2011-3215 : Passware, Inc.
Kernel Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: An unprivileged user may be able to delete another user's files in a shared directory Description: A logic error existed in the kernel's handling of file deletions in directories with the sticky bit. CVE-ID CVE-2011-3216 : Gordon Davisson of Crywolf, Linc Davis, R. Dormer, and Allan Schmid and Oliver Jeckel of brainworks Training
libsecurity Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution Description: An error handling issue existed when parsing a nonstandard certificate revocation list extension. CVE-ID CVE-2011-3227 : Richard Godbee of Virginia Tech
Mailman Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Mailman 2.1.14 Description: Multiple cross-site scripting issues existed in Mailman 2.1.14. These issues are addressed by improved encoding of characters in HTML output. Further information is available via the Mailman site at http://mail.python.org/pipermail/mailman- announce/2011-February/000158.html This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0707
MediaKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Opening a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of disk images. These issues do not affect OS X Lion systems. CVE-ID CVE-2011-3217 : Apple
Open Directory Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Any user may read another local user's password data Description: An access control issue existed in Open Directory. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3435 : Arek Dreyer of Dreyer Network Consultants, Inc, and Patrick Dunstan at defenseindepth.net
Open Directory Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: An authenticated user may change that account's password without providing the current password Description: An access control issue existed in Open Directory. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3436 : Patrick Dunstan at defenceindepth.net
Open Directory Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A user may be able to log in without a password Description: When Open Directory is bound to an LDAPv3 server using RFC2307 or custom mappings, such that there is no AuthenticationAuthority attribute for a user, an LDAP user may be allowed to log in without a password. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3226 : Jeffry Strunk of The University of Texas at Austin, Steven Eppler of Colorado Mesa University, Hugh Cole-Baker, and Frederic Metoz of Institut de Biologie Structurale
PHP Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.6. This issue does not affect systems prior to OS X Lion. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-0226
PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in libpng 1.4.3 Description: libpng is updated to version 1.5.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-2690 CVE-2011-2691 CVE-2011-2692
PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in PHP 5.3.4 Description: PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at http://www.php.net/ CVE-ID CVE-2010-3436 CVE-2010-4645 CVE-2011-0420 CVE-2011-0421 CVE-2011-0708 CVE-2011-1092 CVE-2011-1153 CVE-2011-1466 CVE-2011-1467 CVE-2011-1468 CVE-2011-1469 CVE-2011-1470 CVE-2011-1471
postfix Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: An attacker in a privileged network position may manipulate mail sessions, resulting in the disclosure of sensitive information Description: A logic issue existed in Postfix in the handling of the STARTTLS command. After receiving a STARTTLS command, Postfix may process other plain-text commands. An attacker in a privileged network position may manipulate the mail session to obtain sensitive information from the encrypted traffic. This update addresses the issue by clearing the command queue after processing a STARTTLS command. This issue does not affect OS X Lion systems. Further information is available via the Postfix site at http://www.postfix.org/announcements/postfix-2.7.3.html CVE-ID CVE-2011-0411
python Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in python Description: Multiple vulnerabilities existed in python, the most serious of which may lead to arbitrary code execution. This update addresses the issues by applying patches from the python project. Further information is available via the python site at http://www.python.org/download/releases/ CVE-ID CVE-2010-1634 CVE-2010-2089 CVE-2011-1521
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime's handling of movie files. CVE-ID CVE-2011-3228 : Apple
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STSC atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STSS atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0250 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STSZ atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0251 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STTS atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0252 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: An attacker in a privileged network position may inject script in the local domain when viewing template HTML Description: A cross-site scripting issue existed in QuickTime Player's "Save for Web" export. The template HTML files generated by this feature referenced a script file from a non-encrypted origin. An attacker in a privileged network position may be able to inject malicious scripts in the local domain if the user views a template file locally. This issue is resolved by removing the reference to an online script. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3218 : Aaron Sigel of vtty.com
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of H.264 encoded movie files. CVE-ID CVE-2011-3219 : Damian Put working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to the disclosure of memory contents Description: An uninitialized memory access issue existed in QuickTime's handling of URL data handlers within movie files. CVE-ID CVE-2011-3220 : Luigi Auriemma working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An implementation issue existed in QuickTime's handling of the atom hierarchy within a movie file. CVE-ID CVE-2011-3221 : an anonymous researcher working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted FlashPix file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of FlashPix files. CVE-ID CVE-2011-3222 : Damian Put working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of FLIC files. CVE-ID CVE-2011-3223 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
SMB File Server Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A guest user may browse shared folders Description: An access control issue existed in the SMB File Server. Disallowing guest access to the share point record for a folder prevented the '_unknown' user from browsing the share point but not guests (user 'nobody'). This issue is addressed by applying the access control to the guest user. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3225
Tomcat Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Tomcat 6.0.24 Description: Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at http://tomcat.apache.org/ CVE-ID CVE-2010-1157 CVE-2010-2227 CVE-2010-3718 CVE-2010-4172 CVE-2011-0013 CVE-2011-0534
User Documentation Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: An attacker in a privileged network position may manipulate App Store help content, leading to arbitrary code execution Description: App Store help content was updated over HTTP. This update addresses the issue by updating App Store help content over HTTPS. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3224 : Aaron Sigel of vtty.com
Web Server Available for: Mac OS X Server v10.6.8 Impact: Clients may be unable to access web services that require digest authentication Description: An issue in the handling of HTTP Digest authentication was addressed. Users may be denied access to the server's resources, when the server configuration should have allowed the access. This issue does not represent a security risk, and was addressed to facilitate the use of stronger authentication mechanisms. Systems running OS X Lion Server are not affected by this issue.
X11 Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in libpng Description: Multiple vulnerabilities existed in libpng, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating libpng to version 1.5.4 on OS Lion systems, and to 1.2.46 on Mac OS X v10.6 systems. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-2690 CVE-2011-2691 CVE-2011-2692
OS X Lion v10.7.2 also includes Safari 5.1.1. For information on the security content of Safari 5.1.1, please visit: http://support.apple.com/kb/HT5000
OS X Lion v10.7.2 and Security Update 2011-006 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2011-006 or OS X v10.7.2.
For OS X Lion v10.7.1 The download file is named: MacOSXUpd10.7.2.dmg Its SHA-1 digest is: 37f784e08d4461e83a891a7f8b8af24c2ceb8229
For OS X Lion v10.7 The download file is named: MacOSXUpdCombo10.7.2.dmg Its SHA-1 digest is: accd06d610af57df24f62ce7af261395944620eb
For OS X Lion Server v10.7.1 The download file is named: MacOSXServerUpd10.7.2.dmg Its SHA-1 digest is: e4084bf1dfa295a42f619224d149e515317955da
For OS X Lion Server v10.7 The download file is named: MacOSXServerUpdCombo10.7.2.dmg Its SHA-1 digest is: 25e86f5cf97b6644c7a025230431b1992962ec4a
For Mac OS X v10.6.8 The download file is named: SecUpd2011-006Snow.dmg Its SHA-1 digest is: 0f9c29610a06370d0c85a4c92dc278a48ba17a84
For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2011-006.dmg Its SHA-1 digest is: 12de3732710bb03059f93527189d221c97ef8a06
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOlc/zAAoJEGnF2JsdZQeeWFcH/RDHS+dCP8T4a92uYRIbs9T3 TFbT7hnOoTB0H+2eN3oziLNime2N4mO921heHobiAKSXv/luU41ZPHxVd6rE77Md /BHDqLv65RA0XFTIPmrTcfpLhI5UgXDLfOLrsmdwTm52l5zQZkoxufYFf3mB3h7U ZJUD1s081Pjy45/Cbao097+JrDwS7ahhgkvTmpmSvJK/wWRz4JtZkvIYcQ2uQFR4 sTg4l6pmi3d8sJJ4wzrEaxDpclRjvjURI4DiBMYwGAXeCMRgYi0y03tYtkjXoaSG 69h2yD8EXQBuJkDyouak7/M/eMwUfb2S6o1HyXTldjdvFBFvvwvl+Y3xp8YmDzU= =gsvn -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.3"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.8"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.1"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.7"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.5"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.6"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.4"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.2"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4.0"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.6,
"vendor": "postfix",
"version": "2.4"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.9"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.11"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.0"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.1"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.15"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.13"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.1"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.7.1"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.6"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.12"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.4"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.5"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.5"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.4"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.7"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.11"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.14"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.8"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.7.0"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.9"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.7.2"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.0"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.3"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.4.10"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.6"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.2"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.10"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.8"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.6.3"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.2"
},
{
"_id": null,
"model": "postfix",
"scope": "eq",
"trust": 1.0,
"vendor": "postfix",
"version": "2.5.7"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyrus imap",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "kerio",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postfix",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qmail tls",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.1"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"_id": null,
"model": "spamdyke",
"scope": "ne",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2.1"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.3"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.4"
},
{
"_id": null,
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "groupware server 2.2-rc3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.9"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.01"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.9"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.5"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"_id": null,
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.2"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.3"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "pure-ftpd",
"scope": "ne",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.30"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"_id": null,
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20011115"
},
{
"_id": null,
"model": "groupware server -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.3"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.11"
},
{
"_id": null,
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"_id": null,
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.01"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.2.2"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.5"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20110"
},
{
"_id": null,
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.2"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.3"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.3"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.23"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "pure-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.29"
},
{
"_id": null,
"model": "groupware server 2.1.beta3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.3"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.1"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.3"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.2"
},
{
"_id": null,
"model": "inn",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.3"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.8"
},
{
"_id": null,
"model": "spamdyke",
"scope": "eq",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.31"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.4"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.13"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19991231"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"_id": null,
"model": "imap server",
"scope": "ne",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.7"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.1"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "connect build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.1.42985"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"_id": null,
"model": "linux enterprise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.2"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.2"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.1"
},
{
"_id": null,
"model": "groupware server 2.1beta2",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6-20080902"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"_id": null,
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.2"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.5"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "scooffice server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.9"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.20"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"_id": null,
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.1"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.2"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.2"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.3"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.12"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.4"
},
{
"_id": null,
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.11"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.1"
},
{
"_id": null,
"model": "netqmail",
"scope": "eq",
"trust": 0.3,
"vendor": "qmail smtpd auth",
"version": "0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"_id": null,
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.1"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.0.21"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.0"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.1"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.4"
},
{
"_id": null,
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.3"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "groupware server 2.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.10"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.5"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.8"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.8"
},
{
"_id": null,
"model": "groupware server beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.10"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20010228"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.4"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1.1"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.151"
},
{
"_id": null,
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.6"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.2"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"_id": null,
"model": "starttls",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "0"
},
{
"_id": null,
"model": "mailserver build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.17069"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.0"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "groupware server beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.5"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "venema postfix patchlevel",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.44"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.4"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.7"
},
{
"_id": null,
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.4"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.10"
},
{
"_id": null,
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19990906"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.6"
},
{
"_id": null,
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"_id": null,
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"credits": {
"_id": null,
"data": "Wietse Venema",
"sources": [
{
"db": "BID",
"id": "46767"
},
{
"db": "PACKETSTORM",
"id": "99053"
}
],
"trust": 0.4
},
"cve": "CVE-2011-0411",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0411",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-48356",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0411",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#555316",
"trust": 0.8,
"value": "1.39"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-213",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-48356",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2011-0411",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"description": {
"_id": null,
"data": "The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. \nAn attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. \nThe following vendors are affected:\nIpswitch\nKerio\nPostfix\nQmail-TLS\nOracle (note that the affected application is unknown)\nSCO Group\nspamdyke\nISC. Postfix is \u200b\u200ba mail transfer agent used in Unix-like operating systems. The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 did not properly restrict I/ O buffering effect. ==========================================================================\nUbuntu Security Notice USN-1113-1\nApril 18, 2011\n\npostfix vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n- Ubuntu 9.10\n- Ubuntu 8.04 LTS\n- Ubuntu 6.06 LTS\n\nSummary:\n\nAn attacker could send crafted input to Postfix and cause it to reveal\nconfidential information. \nThis issue only affected Ubuntu 6.06 LTS and 8.04 LTS. (CVE-2009-2939)\n\nWietse Venema discovered that Postfix incorrectly handled cleartext\ncommands after TLS is in place. (CVE-2011-0411)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 10.10:\n postfix 2.7.1-1ubuntu0.1\n\nUbuntu 10.04 LTS:\n postfix 2.7.0-1ubuntu0.1\n\nUbuntu 9.10:\n postfix 2.6.5-3ubuntu0.1\n\nUbuntu 8.04 LTS:\n postfix 2.5.1-2ubuntu1.3\n\nUbuntu 6.06 LTS:\n postfix 2.2.10-1ubuntu0.3\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n CVE-2009-2939, CVE-2011-0411\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/postfix/2.7.1-1ubuntu0.1\n https://launchpad.net/ubuntu/+source/postfix/2.7.0-1ubuntu0.1\n https://launchpad.net/ubuntu/+source/postfix/2.6.5-3ubuntu0.1\n https://launchpad.net/ubuntu/+source/postfix/2.5.1-2ubuntu1.3\n https://launchpad.net/ubuntu/+source/postfix/2.2.10-1ubuntu0.3\n\n\n. \n\nCVE-2011-4130\n\tProFTPD uses a response pool after freeing it under\n\texceptional conditions, possibly leading to remote code\n\texecution. \n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026amp;products_id=490\n \n The updated packages have been patched to correct this issue. \n _______________________________________________________________________\n\n References:\n\n http://www.postfix.org/CVE-2011-0411.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.0:\n ed4ae86475a00faaadbda5683ee496f5 2009.0/i586/pure-ftpd-1.0.21-8.1mdv2009.0.i586.rpm\n 0dea42dbd5958a0a4a4e8a47d020062a 2009.0/i586/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.i586.rpm\n 3f3c60fbe60ffa16a542ae78868042c1 2009.0/i586/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.i586.rpm \n 32f302505171f7d7801acec8e0aac0ab 2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n 9fbbd20ce659012dcef2ea534b3e065c 2009.0/x86_64/pure-ftpd-1.0.21-8.1mdv2009.0.x86_64.rpm\n d953ece1911ad4f744b5fe5f704c2e9e 2009.0/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.x86_64.rpm\n fd131923aa12607939a33ab0d5a47690 2009.0/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.x86_64.rpm \n 32f302505171f7d7801acec8e0aac0ab 2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm\n\n Mandriva Linux 2010.0:\n 580032400f3f536b90509404bfa5ff50 2010.0/i586/pure-ftpd-1.0.22-1.1mdv2010.0.i586.rpm\n 05fe3428a8378f9c7e8282d9e62c9fdf 2010.0/i586/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.i586.rpm\n 8e63f703e071bf7f819b98cb96eeab1d 2010.0/i586/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.i586.rpm \n 5370b6f3148695cae7d37dd7a79c4158 2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 897957ada6eadf9e87bae3e26ff442fe 2010.0/x86_64/pure-ftpd-1.0.22-1.1mdv2010.0.x86_64.rpm\n add9ece828990b566192691992e43cc6 2010.0/x86_64/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.x86_64.rpm\n 6c82671449daf5c7b9d6e40c4c33939b 2010.0/x86_64/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.x86_64.rpm \n 5370b6f3148695cae7d37dd7a79c4158 2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 441c80d9c965274c99d34fce9a4bb6ca 2010.1/i586/pure-ftpd-1.0.29-2.1mdv2010.2.i586.rpm\n f73c5b101a3100fa5ccf7be95cb820c1 2010.1/i586/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.i586.rpm\n 1bf7c0076615559f213f9e90aabe1ee3 2010.1/i586/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.i586.rpm \n 77f0d44baa44e8abc0a5393154d1e347 2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 7f83617195a06fe87d4fe91f78256ea8 2010.1/x86_64/pure-ftpd-1.0.29-2.1mdv2010.2.x86_64.rpm\n d0428e106e4c4233a266b62b1208f63e 2010.1/x86_64/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.x86_64.rpm\n 04a2e708f8334b33fda7975f72c9afd0 2010.1/x86_64/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.x86_64.rpm \n 77f0d44baa44e8abc0a5393154d1e347 2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm\n\n Corporate 4.0:\n 2054ec719cbd8c9be8ad7e9bc654f79e corporate/4.0/i586/pure-ftpd-1.0.20-7.1.20060mlcs4.i586.rpm\n 2614d3560204ffb498f6c49453442d05 corporate/4.0/i586/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.i586.rpm\n 1fb356298d6a5c4b50b6822e8dde3e0b corporate/4.0/i586/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.i586.rpm \n 63859bd845934e2d382fd2406a1fd9f7 corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b4d4edc6889d96135330b98057bf5396 corporate/4.0/x86_64/pure-ftpd-1.0.20-7.1.20060mlcs4.x86_64.rpm\n 99ffba7cc4e729a617ca45a10baa9125 corporate/4.0/x86_64/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.x86_64.rpm\n b84684dfd4166dcf6def917014355b76 corporate/4.0/x86_64/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.x86_64.rpm \n 63859bd845934e2d382fd2406a1fd9f7 corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 3e3694e0220ab4cfc55b3d0614443d5d mes5/i586/pure-ftpd-1.0.21-8.1mdvmes5.2.i586.rpm\n c281cdd9b6ab44f956802cbd9d327e36 mes5/i586/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.i586.rpm\n ab25c5522a053fddf570a7af29f79db7 mes5/i586/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.i586.rpm \n 71436d40f9fe4780edc71f326a71324c mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n dd4fbf6ccb18a342b91b2bdc07048fd9 mes5/x86_64/pure-ftpd-1.0.21-8.1mdvmes5.2.x86_64.rpm\n 70a0f49eaca5fd8f7a80967810fbfb7d mes5/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.x86_64.rpm\n 7e6c3b99218158806d3c747f781a449b mes5/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.x86_64.rpm \n 71436d40f9fe4780edc71f326a71324c mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201206-33\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Postfix: Multiple vulnerabilities\n Date: June 25, 2012\n Bugs: #358085, #366605\n ID: 201206-33\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA vulnerability has been found in Postfix, the worst of which possibly\nallowing remote code execution. \n\nBackground\n==========\n\nPostfix is Wietse Venema=E2=80=99s mailer that attempts to be fast, easy =\nto\nadminister, and secure, as an alternative to the widely-used Sendmail\nprogram. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 mail-mta/postfix \u003c 2.7.4 \u003e= 2.7.4\n\nDescription\n===========\n\nA vulnerability have been discovered in Postfix. Please review the CVE\nidentifier referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Postfix users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=mail-mta/postfix-2.7.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-0411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0411\n[ 2 ] CVE-2011-1720\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1720\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201206-33.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. This is a writeup about a flaw that I found recently, and that\nexisted in multiple implementations of SMTP (Simple Mail Transfer\nProtocol) over TLS (Transport Layer Security) including my Postfix\nopen source mailserver. I give an overview of the problem and its\nimpact, how to find out if a server is affected, fixes, and draw\nlessons about where we can expect similar problems. A time line\nis at the end. \n\nFor further reading:\nhttp://www.kb.cert.org/vuls/id/555316 \nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0411\nhttp://www.postfix.org/CVE-2011-0411.html (extended writeup)\n\n\tWietse\n\nProblem overview and impact\n===========================\n\nThe TLS protocol encrypts communication and protects it against\nmodification by other parties. This protection exists only if a)\nsoftware is free of flaws, and b) clients verify the server\u0027s TLS\ncertificate, so that there can be no \"man in the middle\" (servers\nusually don\u0027t verify client certificates). \n\nThe problem discussed in this writeup is caused by a software flaw. \n\nThe injected commands could be used to steal the victim\u0027s email or\nSASL (Simple Authentication and Security Layer) username and password. \n\nThis is not as big a problem as it may appear to be. The reason\nis that many SMTP client applications don\u0027t verify server TLS\ncertificates. These SMTP clients are always vulnerable to command\ninjection and other attacks. Their TLS sessions are only encrypted\nbut not protected. \n\nA similar plaintext injection flaw may exist in the way SMTP clients\nhandle SMTP-over-TLS server responses, but its impact is less\ninteresting than the server-side flaw. \n\nSMTP is not the only protocol with a mid-session switch from plaintext\nto TLS. Other examples are POP3, IMAP, NNTP and FTP. Implementations\nof these protocols may be affected by the same flaw as discussed here. \n\nDemonstration\n=============\n\nThe problem is easy to demonstrate with a one-line change to the\nOpenSSL s_client command source code (I would prefer scripting, but\nhaving to install Perl CPAN modules and all their dependencies is\nmore work than downloading a .tar.gz file from openssl.org, adding\neight characters to one line, and doing \"./config; make\"). \n\nThe OpenSSL s_client command can make a connection to servers that\nsupport straight TLS, SMTP over TLS, or a handful other protocols\nover TLS. The demonstration with SMTP over TLS involves a one-line\nchange in the OpenSSL s_client source code (with OpenSSL 1.0.0, at\nline 1129 of file apps/s_client.c). \n\nOld:\t\tBIO_printf(sbio,\"STARTTLS\\r\\n\");\nNew:\t\tBIO_printf(sbio,\"STARTTLS\\r\\nRSET\\r\\n\");\n\nWith this change, the s_client command sends the plaintext STARTTLS\ncommand (\"let\u0027s turn on TLS\") immediately followed by an RSET command\n(a relatively harmless protocol \"reset\"). Both commands are sent\nas plaintext in the same TCP/IP packet, and arrive together at the\nserver. The \"\\r\\n\" are the carriage-return and newline characters;\nthese are necessary to terminate an SMTP command. \n\nWhen an SMTP server has the plaintext injection flaw, it reads the\nSTARTTLS command first, switches to SMTP-over-TLS mode, and only\nthen the server reads the RSET command. Note, the RSET command was\ntransmitted during the plaintext SMTP phase when there is no\nprotection, but the server reads the command as if it was received\nover the TLS-protected channel. \n\nThus, when the SMTP server has the flaw, the s_client command output\nwill show two \"250\" SMTP server responses instead of one. The first\n\"250\" response is normal, and is present even when the server is\nnot flawed. The second \"250\" response is for the RSET command, and\nindicates that the SMTP server has the plaintext injection flaw. \n\n $ apps/openssl s_client -quiet -starttls smtp -connect server:port\n [some server TLS certificate details omitted]\n 250 some text here \u003c=== Normal response, also with \"good\" server. \n 250 more text here \u003c=== RSET response, only with flawed server. \n\nAnatomy of the flaw: it\u0027s all about the plumbing\n================================================\n\nWhether a program may have the plaintext injection flaw depends on\nhow it adjusts the plumbing, as it inserts the TLS protocol layer\nin-between the SMTP protocol layer and the O/S TCP/IP protocol\nlayer. I illustrate this with examples from three open source MTAs:\nPostfix, Sendmail and Exim. The diagram below is best viewed with\na fixed-width font, for example, from the Courier family. \n\n Postfix MTA Sendmail MTA Exim MTA\n before/after before/after before/after\n switch to TLS switch to TLS switch to TLS\n\n SMTP SMTP SMTP SMTP SMTP SMTP \u003c= SMTP layer\n || || || || || ||\n stream stream stream stream\u0027 || ||\n buffers buffers buffers buffers\u0027 rw r\u0027w\u0027 \u003c= stream layer\n rw r\u0027w\u0027 rw r\u0027w\u0027 || ||\n || || || || || ||\n || TLS || TLS || TLS \u003c= TLS layer\n || || || || || ||\n O/S O/S O/S O/S O/S O/S \u003c= TCP/IP layer\n\nAs shown in the diagram, both Postfix and Sendmail use an application-\nlevel stream abstraction, where each stream has properties such as\nread/write buffers, read/write functions (indicated with rw), and\nother properties that are omitted for brevity. \n\nWhen Postfix switches to SMTP over TLS, it replaces the plaintext\nread/write functions (rw) with the TLS read/write functions (r\u0027w\u0027). \nPostfix does not modify any of the other stream properties including\nthe read/write buffers. A patch for qmail that introduces TLS\nsupport uses the same approach. This approach of replacing only\nthe stream read/write functions, but not the buffers or other stream\nproperties, can introduce the plaintext injection flaw. \n\nWhen Sendmail switches to SMTP over TLS, it replaces the entire\nstream, along with its read/write buffers and read/write functions. \nExim, on the other hand, does not seem to have a stream abstraction\nlike Postfix, Sendmail or qmail. Instead of replacing streams or\nstream properties, Exim replaces plaintext read/write functions\nwith TLS read/write functions. Because of their program structure,\nSendmail and Exim didn\u0027t suffer from the plaintext injection flaw. \n\nFixing the problem\n==================\n\nThere are two solutions to address the flaw, and both solutions can\nbe used together. \n\n- Report an error when unexpected plaintext is received after the\n STARTTLS command. As documented in RFC 3207, STARTTLS must be\n the last command in a pipelined group. If plaintext commands are\n received after STARTTLS, then that is a protocol violation. \n\n This measure can also be implemented outside the MTA, for example\n in a protocol-aware firewall. \n\n- If a program uses the same input buffer before and after the\n switch to TLS, it should discard the contents of the input buffer,\n just like it discards SMTP protocol information that it received\n during the plaintext protocol phase. \n\nConclusion\n==========\n\nThis plaintext injection problem is likely to recur when some\ndevelopment moves the plaintext-to-ciphertext switch outside the\napplication: for example, into the kernel, into the local hardware,\ninto a proxy, or into other infrastructure. This encourages\napplications to use the same application-level streams and buffers\nand read/write functions before and after the switch to ciphertext. \nWhen this migration happens, plaintext injection becomes once more\na possibility. \n\nTime line\n=========\n\nJan 5 2011: While finishing Postfix for its annual release, I found\nand fixed this flaw in the SMTP server and client implementations,\nwhere it had been sitting ever since TLS support was adopted. \n\nJan 6-10 2011: As we investigated the scope of the problem, Victor\nDuchovni (co-developer) discovered that other implementations were\nalso affected including security providers and security appliances. \n\nJan 11 2011: Contact CERT/CC to help coordinate with the problem\u0027s\nresolution. \n\nMar 7 2011: Public announcement, and Postfix legacy release updates. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2009-2939\n The postinst script grants the postfix user write access to\n /var/spool/postfix/pid, which might allow local users to\n conduct symlink attacks that overwrite arbitrary files. \n\nCVE-2011-1720\n A heap-based read-only buffer overflow allows malicious\n clients to crash the smtpd server process using a crafted SASL\n authentication request. \n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 2.5.5-1.1+lenny1. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.7.1-1+squeeze1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.8.0-1. \n\nWe recommend that you upgrade your postfix packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niQEcBAEBAgAGBQJNyXybAAoJEL97/wQC1SS+xb0H/igqYhOTtvO91deptOPyednw\n5sBQPXGoo+RXeomLsJk8P6ezm7fEGTSl7GUEpNwS1qsqAPVnl9XAK6dOGFae1PbG\n2L93eR6AKgKo60tp2On1Tf1c0HcD6yKiZ6J7C7nZ3E8+yZwSd1k6826ZUQ3gzKKW\nDTIu6w2CzzleK/bppWfhAvwvobHD6X1B16qklZfqw6H0C/QfMjM8ZXLCRv9Tq1TN\njX1W4qeed7pr8r3pTJ9npzae7drqFLoVDi0tpGKi0UHEwgRma1AbDaI2BVmeblue\nYNRHg7H+TqfrUwN8iB64WrYvqnHCQfvViL8f0ML2uJXJf/lHby+vxPl6EGxAIoY=\n=yCCp\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006\n\nOS X Lion v10.7.2 and Security Update 2011-006 is now available and\naddresses the following:\n\nApache\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in Apache\nDescription: Apache is updated to version 2.2.20 to address several\nvulnerabilities, the most serious of which may lead to a denial of\nservice. CVE-2011-0419 does not affect OS X Lion systems. Further\ninformation is available via the Apache web site at\nhttp://httpd.apache.org/\nCVE-ID\nCVE-2011-0419\nCVE-2011-3192\n\nApplication Firewall\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Executing a binary with a maliciously crafted name may lead\nto arbitrary code execution with elevated privileges\nDescription: A format string vulnerability existed in Application\nFirewall\u0027s debug logging. \nCVE-ID\nCVE-2011-0185 : an anonymous reporter\n\nATS\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Viewing or downloading a document containing a maliciously\ncrafted embedded font may lead to arbitrary code execution\nDescription: A signedness issue existed in ATS\u0027 handling of Type 1\nfonts. This issue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-3437\n\nATS\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing or downloading a document containing a maliciously\ncrafted embedded font may lead to arbitrary code execution\nDescription: An out of bounds memory access issue existed in ATS\u0027\nhandling of Type 1 fonts. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0229 : Will Dormann of the CERT/CC\n\nATS\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Applications which use the ATSFontDeactivate API may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: A buffer overflow issue existed in the\nATSFontDeactivate API. \nCVE-ID\nCVE-2011-0230 : Steven Michaud of Mozilla\n\nBIND\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in BIND 9.7.3\nDescription: Multiple denial of service issues existed in BIND\n9.7.3. These issues are addressed by updating BIND to version\n9.7.3-P3. \nCVE-ID\nCVE-2011-1910\nCVE-2011-2464\n\nBIND\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in BIND\nDescription: Multiple denial of service issues existed in BIND. \nThese issues are addressed by updating BIND to version 9.6-ESV-R4-P3. \nCVE-ID\nCVE-2009-4022\nCVE-2010-0097\nCVE-2010-3613\nCVE-2010-3614\nCVE-2011-1910\nCVE-2011-2464\n\nCertificate Trust Policy\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1. \nImpact: Root certificates have been updated\nDescription: Several trusted certificates were added to the list of\nsystem roots. Several existing certificates were updated to their\nmost recent version. The complete list of recognized system roots may\nbe viewed via the Keychain Access application. \n\nCFNetwork\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Safari may store cookies it is not configured to accept\nDescription: A synchronization issue existed in CFNetwork\u0027s handling\nof cookie policies. Safari\u0027s cookie preferences may not be honored,\nallowing websites to set cookies that would be blocked were the\npreference enforced. This update addresses the issue through improved\nhandling of cookie storage. \nCVE-ID\nCVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin\nC. Walker, and Stephen Creswell\n\nCFNetwork\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription: An issue existed in CFNetwork\u0027s handling of HTTP\ncookies. When accessing a maliciously crafted HTTP or HTTPS URL,\nCFNetwork could incorrectly send the cookies for a domain to a server\noutside that domain. This issue does not affect systems prior to OS X\nLion. \nCVE-ID\nCVE-2011-3246 : Erling Ellingsen of Facebook\n\nCoreFoundation\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted website or e-mail message may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription: A memory corruption issue existed in CoreFoundation\u0027s\nhandling of string tokenization. This issue does not affect OS X Lion\nsystems. This update addresses the issue through improved bounds\nchecking. \nCVE-ID\nCVE-2011-0259 : Apple\n\nCoreMedia\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of video data from another site\nDescription: A cross-origin issue existed in CoreMedia\u0027s handling of\ncross-site redirects. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\nResearch (MSVR)\n\nCoreMedia\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of QuickTime movie files. These issues do not affect OS X\nLion systems. \nCVE-ID\nCVE-2011-0224 : Apple\n\nCoreProcesses\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A person with physical access to a system may partially\nbypass the screen lock\nDescription: A system window, such as a VPN password prompt, that\nappeared while the screen was locked may have accepted keystrokes\nwhile the screen was locked. This issue is addressed by preventing\nsystem windows from requesting keystrokes while the screen is locked. \nThis issue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-0260 : Clint Tseng of the University of Washington, Michael\nKobb, and Adam Kemp\n\nCoreStorage\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Converting to FileVault does not erase all existing data\nDescription: After enabling FileVault, approximately 250MB at the\nstart of the volume was left unencrypted on the disk in an unused\narea. Only data which was present on the volume before FileVault was\nenabled was left unencrypted. This issue is addressed by erasing this\narea when enabling FileVault, and on the first use of an encrypted\nvolume affected by this issue. This issue does not affect systems\nprior to OS X Lion. \nCVE-ID\nCVE-2011-3212 : Judson Powers of ATC-NY\n\nFile Systems\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: An attacker in a privileged network position may manipulate\nHTTPS server certificates, leading to the disclosure of sensitive\ninformation\nDescription: An issue existed in the handling of WebDAV volumes on\nHTTPS servers. If the server presented a certificate chain that could\nnot be automatically verified, a warning was displayed and the\nconnection was closed. If the user clicked the \"Continue\" button in\nthe warning dialog, any certificate was accepted on the following\nconnection to that server. An attacker in a privileged network\nposition may have manipulated the connection to obtain sensitive\ninformation or take action on the server on the user\u0027s behalf. This\nupdate addresses the issue by validating that the certificate\nreceived on the second connection is the same certificate originally\npresented to the user. \nCVE-ID\nCVE-2011-3213 : Apple\n\nIOGraphics\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: A person with physical access may be able to bypass the\nscreen lock\nDescription: An issue existed with the screen lock when used with\nApple Cinema Displays. When a password is required to wake from\nsleep, a person with physical access may be able to access the system\nwithout entering a password if the system is in display sleep mode. \nThis update addresses the issue by ensuring that the lock screen is\ncorrectly activated in display sleep mode. This issue does not affect\nOS X Lion systems. \nCVE-ID\nCVE-2011-3214 : Apple\n\niChat Server\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: A remote attacker may cause the Jabber server to consume\nsystem resources disproportionately\nDescription: An issue existed in the handling of XML external\nentities in jabberd2, a server for the Extensible Messaging and\nPresence Protocol (XMPP). jabberd2 expands external entities in\nincoming requests. This allows an attacker to consume system\nresources very quickly, denying service to legitimate users of the\nserver. This update addresses the issue by disabling entity expansion\nin incoming requests. \nCVE-ID\nCVE-2011-1755\n\nKernel\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A person with physical access may be able to access the\nuser\u0027s password\nDescription: A logic error in the kernel\u0027s DMA protection permitted\nfirewire DMA at loginwindow, boot, and shutdown, although not at\nscreen lock. This update addresses the issue by preventing firewire\nDMA at all states where the user is not logged in. \nCVE-ID\nCVE-2011-3215 : Passware, Inc. \n\nKernel\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: An unprivileged user may be able to delete another user\u0027s\nfiles in a shared directory\nDescription: A logic error existed in the kernel\u0027s handling of file\ndeletions in directories with the sticky bit. \nCVE-ID\nCVE-2011-3216 : Gordon Davisson of Crywolf, Linc Davis, R. Dormer,\nand Allan Schmid and Oliver Jeckel of brainworks Training\n\nlibsecurity\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted website or e-mail message may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription: An error handling issue existed when parsing a\nnonstandard certificate revocation list extension. \nCVE-ID\nCVE-2011-3227 : Richard Godbee of Virginia Tech\n\nMailman\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in Mailman 2.1.14\nDescription: Multiple cross-site scripting issues existed in Mailman\n2.1.14. These issues are addressed by improved encoding of characters\nin HTML output. Further information is available via the Mailman site\nat http://mail.python.org/pipermail/mailman-\nannounce/2011-February/000158.html This issue does not affect OS X\nLion systems. \nCVE-ID\nCVE-2011-0707\n\nMediaKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Opening a maliciously crafted disk image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of disk images. These issues do not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-3217 : Apple\n\nOpen Directory\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Any user may read another local user\u0027s password data\nDescription: An access control issue existed in Open Directory. This\nissue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-3435 : Arek Dreyer of Dreyer Network Consultants, Inc, and\nPatrick Dunstan at defenseindepth.net\n\nOpen Directory\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: An authenticated user may change that account\u0027s password\nwithout providing the current password\nDescription: An access control issue existed in Open Directory. This\nissue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-3436 : Patrick Dunstan at defenceindepth.net\n\nOpen Directory\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A user may be able to log in without a password\nDescription: When Open Directory is bound to an LDAPv3 server using\nRFC2307 or custom mappings, such that there is no\nAuthenticationAuthority attribute for a user, an LDAP user may be\nallowed to log in without a password. This issue does not affect\nsystems prior to OS X Lion. \nCVE-ID\nCVE-2011-3226 : Jeffry Strunk of The University of Texas at Austin,\nSteven Eppler of Colorado Mesa University, Hugh Cole-Baker, and\nFrederic Metoz of Institut de Biologie Structurale\n\nPHP\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A signedness issue existed in FreeType\u0027s handling of\nType 1 fonts. This issue is addressed by updating FreeType to version\n2.4.6. This issue does not affect systems prior to OS X Lion. Further\ninformation is available via the FreeType site at\nhttp://www.freetype.org/\nCVE-ID\nCVE-2011-0226\n\nPHP\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in libpng 1.4.3\nDescription: libpng is updated to version 1.5.4 to address multiple\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. Further information is available via the libpng website at\nhttp://www.libpng.org/pub/png/libpng.html\nCVE-ID\nCVE-2011-2690\nCVE-2011-2691\nCVE-2011-2692\n\nPHP\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in PHP 5.3.4\nDescription: PHP is updated to version 5.3.6 to address multiple\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. This issues do not affect OS X Lion systems. Further\ninformation is available via the PHP website at http://www.php.net/\nCVE-ID\nCVE-2010-3436\nCVE-2010-4645\nCVE-2011-0420\nCVE-2011-0421\nCVE-2011-0708\nCVE-2011-1092\nCVE-2011-1153\nCVE-2011-1466\nCVE-2011-1467\nCVE-2011-1468\nCVE-2011-1469\nCVE-2011-1470\nCVE-2011-1471\n\npostfix\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: An attacker in a privileged network position may manipulate\nmail sessions, resulting in the disclosure of sensitive information\nDescription: A logic issue existed in Postfix in the handling of the\nSTARTTLS command. After receiving a STARTTLS command, Postfix may\nprocess other plain-text commands. An attacker in a privileged\nnetwork position may manipulate the mail session to obtain sensitive\ninformation from the encrypted traffic. This update addresses the\nissue by clearing the command queue after processing a STARTTLS\ncommand. This issue does not affect OS X Lion systems. Further\ninformation is available via the Postfix site at\nhttp://www.postfix.org/announcements/postfix-2.7.3.html\nCVE-ID\nCVE-2011-0411\n\npython\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in python\nDescription: Multiple vulnerabilities existed in python, the most\nserious of which may lead to arbitrary code execution. This update\naddresses the issues by applying patches from the python project. \nFurther information is available via the python site at\nhttp://www.python.org/download/releases/\nCVE-ID\nCVE-2010-1634\nCVE-2010-2089\nCVE-2011-1521\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in\nQuickTime\u0027s handling of movie files. \nCVE-ID\nCVE-2011-3228 : Apple\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STSC\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0249 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STSS\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0250 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STSZ\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0251 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STTS\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0252 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: An attacker in a privileged network position may inject\nscript in the local domain when viewing template HTML\nDescription: A cross-site scripting issue existed in QuickTime\nPlayer\u0027s \"Save for Web\" export. The template HTML files generated by\nthis feature referenced a script file from a non-encrypted origin. An\nattacker in a privileged network position may be able to inject\nmalicious scripts in the local domain if the user views a template\nfile locally. This issue is resolved by removing the reference to an\nonline script. This issue does not affect OS X Lion systems. \nCVE-ID\nCVE-2011-3218 : Aaron Sigel of vtty.com\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in QuickTime\u0027s handling of\nH.264 encoded movie files. \nCVE-ID\nCVE-2011-3219 : Damian Put working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to the\ndisclosure of memory contents\nDescription: An uninitialized memory access issue existed in\nQuickTime\u0027s handling of URL data handlers within movie files. \nCVE-ID\nCVE-2011-3220 : Luigi Auriemma working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An implementation issue existed in QuickTime\u0027s handling\nof the atom hierarchy within a movie file. \nCVE-ID\nCVE-2011-3221 : an anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted FlashPix file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in QuickTime\u0027s handling of\nFlashPix files. \nCVE-ID\nCVE-2011-3222 : Damian Put working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in QuickTime\u0027s handling of\nFLIC files. \nCVE-ID\nCVE-2011-3223 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nSMB File Server\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A guest user may browse shared folders\nDescription: An access control issue existed in the SMB File Server. \nDisallowing guest access to the share point record for a folder\nprevented the \u0027_unknown\u0027 user from browsing the share point but not\nguests (user \u0027nobody\u0027). This issue is addressed by applying the\naccess control to the guest user. This issue does not affect systems\nprior to OS X Lion. \nCVE-ID\nCVE-2011-3225\n\nTomcat\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in Tomcat 6.0.24\nDescription: Tomcat is updated to version 6.0.32 to address multiple\nvulnerabilities, the most serious of which may lead to a cross site\nscripting attack. Tomcat is only provided on Mac OS X Server systems. \nThis issue does not affect OS X Lion systems. Further information is\navailable via the Tomcat site at http://tomcat.apache.org/\nCVE-ID\nCVE-2010-1157\nCVE-2010-2227\nCVE-2010-3718\nCVE-2010-4172\nCVE-2011-0013\nCVE-2011-0534\n\nUser Documentation\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: An attacker in a privileged network position may manipulate\nApp Store help content, leading to arbitrary code execution\nDescription: App Store help content was updated over HTTP. This\nupdate addresses the issue by updating App Store help content over\nHTTPS. This issue does not affect OS X Lion systems. \nCVE-ID\nCVE-2011-3224 : Aaron Sigel of vtty.com\n\nWeb Server\nAvailable for: Mac OS X Server v10.6.8\nImpact: Clients may be unable to access web services that require\ndigest authentication\nDescription: An issue in the handling of HTTP Digest authentication\nwas addressed. Users may be denied access to the server\u0027s resources,\nwhen the server configuration should have allowed the access. This\nissue does not represent a security risk, and was addressed to\nfacilitate the use of stronger authentication mechanisms. Systems\nrunning OS X Lion Server are not affected by this issue. \n\nX11\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in libpng\nDescription: Multiple vulnerabilities existed in libpng, the most\nserious of which may lead to arbitrary code execution. These issues\nare addressed by updating libpng to version 1.5.4 on OS Lion systems,\nand to 1.2.46 on Mac OS X v10.6 systems. Further information is\navailable via the libpng website at\nhttp://www.libpng.org/pub/png/libpng.html\nCVE-ID\nCVE-2011-2690\nCVE-2011-2691\nCVE-2011-2692\n\nOS X Lion v10.7.2 also includes Safari 5.1.1. For information on\nthe security content of Safari 5.1.1, please visit:\nhttp://support.apple.com/kb/HT5000\n\nOS X Lion v10.7.2 and Security Update 2011-006 may be obtained from\nthe Software Update pane in System Preferences, or Apple\u0027s Software\nDownloads web site:\nhttp://www.apple.com/support/downloads/\n\nThe Software Update utility will present the update that applies\nto your system configuration. Only one is needed, either\nSecurity Update 2011-006 or OS X v10.7.2. \n\nFor OS X Lion v10.7.1\nThe download file is named: MacOSXUpd10.7.2.dmg\nIts SHA-1 digest is: 37f784e08d4461e83a891a7f8b8af24c2ceb8229\n\nFor OS X Lion v10.7\nThe download file is named: MacOSXUpdCombo10.7.2.dmg\nIts SHA-1 digest is: accd06d610af57df24f62ce7af261395944620eb\n\nFor OS X Lion Server v10.7.1\nThe download file is named: MacOSXServerUpd10.7.2.dmg\nIts SHA-1 digest is: e4084bf1dfa295a42f619224d149e515317955da\n\nFor OS X Lion Server v10.7\nThe download file is named: MacOSXServerUpdCombo10.7.2.dmg\nIts SHA-1 digest is: 25e86f5cf97b6644c7a025230431b1992962ec4a\n\nFor Mac OS X v10.6.8\nThe download file is named: SecUpd2011-006Snow.dmg\nIts SHA-1 digest is: 0f9c29610a06370d0c85a4c92dc278a48ba17a84\n\nFor Mac OS X Server v10.6.8\nThe download file is named: SecUpdSrvr2011-006.dmg\nIts SHA-1 digest is: 12de3732710bb03059f93527189d221c97ef8a06\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJOlc/zAAoJEGnF2JsdZQeeWFcH/RDHS+dCP8T4a92uYRIbs9T3\nTFbT7hnOoTB0H+2eN3oziLNime2N4mO921heHobiAKSXv/luU41ZPHxVd6rE77Md\n/BHDqLv65RA0XFTIPmrTcfpLhI5UgXDLfOLrsmdwTm52l5zQZkoxufYFf3mB3h7U\nZJUD1s081Pjy45/Cbao097+JrDwS7ahhgkvTmpmSvJK/wWRz4JtZkvIYcQ2uQFR4\nsTg4l6pmi3d8sJJ4wzrEaxDpclRjvjURI4DiBMYwGAXeCMRgYi0y03tYtkjXoaSG\n69h2yD8EXQBuJkDyouak7/M/eMwUfb2S6o1HyXTldjdvFBFvvwvl+Y3xp8YmDzU=\n=gsvn\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0411"
},
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "PACKETSTORM",
"id": "100558"
},
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "99457"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "PACKETSTORM",
"id": "99053"
},
{
"db": "PACKETSTORM",
"id": "101275"
},
{
"db": "PACKETSTORM",
"id": "105738"
}
],
"trust": 2.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#555316",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2011-0411",
"trust": 2.8
},
{
"db": "BID",
"id": "46767",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "43646",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "43874",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2011-0891",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2011-0752",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2011-0611",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "71021",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1025179",
"trust": 1.8
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/08/10/2",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "99457",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "114177",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "107027",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "99053",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "99392",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-48356",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-0411",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101275",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105738",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "PACKETSTORM",
"id": "100558"
},
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "99457"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "PACKETSTORM",
"id": "99053"
},
{
"db": "PACKETSTORM",
"id": "101275"
},
{
"db": "PACKETSTORM",
"id": "105738"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"id": "VAR-201103-0114",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48356"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T23:25:59.527000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Postfix STARTTLS Achieve repair measures for plaintext command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159437"
},
{
"title": "Debian CVElist Bug Report Logs: postfix STARTTLS affected by CVE-2011-0411",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=74282b8fe400ed6ddbb6171a1052e2fd"
},
{
"title": "Debian CVElist Bug Report Logs: [CVE-2011-4130] Use-after-free issue",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=f7453f9ff437afb706c192fb10d67eb2"
},
{
"title": "Debian CVElist Bug Report Logs: inn: CVE-2012-3523 prone to STARTTLS plaintext command injection",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a774850c70017348487727b907fda84b"
},
{
"title": "Debian CVElist Bug Report Logs: courier: CVE-2021-38084",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=9dc8ffd76b724b58108eb46bc913121c"
},
{
"title": "Debian CVElist Bug Report Logs: STARTTLS plaintext command injection",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=b03b4eab65949f1c915b1538f80e6a4b"
},
{
"title": "Ubuntu Security Notice: postfix vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1113-1"
},
{
"title": "Debian Security Advisories: DSA-2346-2 proftpd-dfsg -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a1db5959643fcc6f1957a67359aa92ed"
},
{
"title": "Debian Security Advisories: DSA-2233-1 postfix -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=96aadd3bb66ec0adb18615b395c09544"
},
{
"title": "Vision",
"trust": 0.1,
"url": "https://github.com/CoolerVoid/Vision "
},
{
"title": "Vision2",
"trust": 0.1,
"url": "https://github.com/CoolerVoid/Vision2 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-264",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.3,
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"trust": 2.3,
"url": "http://www.postfix.org/cve-2011-0411.html"
},
{
"trust": 2.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"trust": 1.9,
"url": "http://security.gentoo.org/glsa/glsa-201206-33.xml"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00003.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/46767"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht5002"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/moro-8elh6z"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2011/dsa-2233"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/056560.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-march/056559.html"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/71021"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0422.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0423.html"
},
{
"trust": 1.8,
"url": "http://securitytracker.com/id?1025179"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/43646"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/43874"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2011/0611"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2011/0752"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2011/0891"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/2"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2595"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3207"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4642"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=674814"
},
{
"trust": 0.8,
"url": "http://www.watchguard.com/archive/softwarecenter.asp"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0411"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000101.html"
},
{
"trust": 0.3,
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"trust": 0.3,
"url": "http://cyrusimap.org/mediawiki/index.php/bugs_resolved_in_2.4.7"
},
{
"trust": 0.3,
"url": "https://www.isc.org/software/inn/2.5.3article"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m4p"
},
{
"trust": 0.3,
"url": "http://files.kolab.org/server/release/kolab-server-2.3.2/sources/release-notes.txt"
},
{
"trust": 0.3,
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
},
{
"trust": 0.3,
"url": "http://www.watchguard.com/support/release-notes/xcs/9/en-us/en_releasenotes_xcs_9_1_1/en_releasenotes_wg_xcs_9_1_tls_hotfix.pdf"
},
{
"trust": 0.3,
"url": "http://www.spamdyke.org/documentation/changelog.txt"
},
{
"trust": 0.3,
"url": "http://datatracker.ietf.org/doc/draft-josefsson-kerberos5-starttls/?include_text=1"
},
{
"trust": 0.3,
"url": "/archive/1/516901"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100134676"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100141041"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850478"
},
{
"trust": 0.3,
"url": "http://inoa.net/qmail-tls/vu555316.patch"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2939"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1720"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617849"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1113-1/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.6.5-3ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.2.10-1ubuntu0.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.7.0-1ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.7.1-1ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/postfix/2.5.1-2ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4130"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026amp;products_id=490"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1720"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0411"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0259"
},
{
"trust": 0.1,
"url": "http://tomcat.apache.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0185"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0230"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4022"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht5000"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2089"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0229"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0251"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3613"
},
{
"trust": 0.1,
"url": "http://www.freetype.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0419"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3436"
},
{
"trust": 0.1,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 0.1,
"url": "http://www.php.net/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4172"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0249"
},
{
"trust": 0.1,
"url": "http://mail.python.org/pipermail/mailman-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0250"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157"
},
{
"trust": 0.1,
"url": "http://www.postfix.org/announcements/postfix-2.7.3.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0252"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0224"
},
{
"trust": 0.1,
"url": "http://www.python.org/download/releases/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-48356"
},
{
"db": "VULMON",
"id": "CVE-2011-0411"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "PACKETSTORM",
"id": "100558"
},
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "99457"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "PACKETSTORM",
"id": "99053"
},
{
"db": "PACKETSTORM",
"id": "101275"
},
{
"db": "PACKETSTORM",
"id": "105738"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
},
{
"db": "NVD",
"id": "CVE-2011-0411"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#555316",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-48356",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2011-0411",
"ident": null
},
{
"db": "BID",
"id": "46767",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "100558",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "107027",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "99457",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "114177",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "99053",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "101275",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "105738",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-0411",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#555316",
"ident": null
},
{
"date": "2011-03-16T00:00:00",
"db": "VULHUB",
"id": "VHN-48356",
"ident": null
},
{
"date": "2011-03-16T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0411",
"ident": null
},
{
"date": "2011-03-07T00:00:00",
"db": "BID",
"id": "46767",
"ident": null
},
{
"date": "2011-04-18T22:40:46",
"db": "PACKETSTORM",
"id": "100558",
"ident": null
},
{
"date": "2011-11-16T04:40:08",
"db": "PACKETSTORM",
"id": "107027",
"ident": null
},
{
"date": "2011-03-18T21:45:06",
"db": "PACKETSTORM",
"id": "99457",
"ident": null
},
{
"date": "2012-06-25T22:58:41",
"db": "PACKETSTORM",
"id": "114177",
"ident": null
},
{
"date": "2011-03-07T19:44:44",
"db": "PACKETSTORM",
"id": "99053",
"ident": null
},
{
"date": "2011-05-10T18:42:48",
"db": "PACKETSTORM",
"id": "101275",
"ident": null
},
{
"date": "2011-10-13T02:35:35",
"db": "PACKETSTORM",
"id": "105738",
"ident": null
},
{
"date": "2011-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-213",
"ident": null
},
{
"date": "2011-03-16T22:55:02.717000",
"db": "NVD",
"id": "CVE-2011-0411",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2011-09-08T00:00:00",
"db": "CERT/CC",
"id": "VU#555316",
"ident": null
},
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-48356",
"ident": null
},
{
"date": "2021-08-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-0411",
"ident": null
},
{
"date": "2015-04-13T21:35:00",
"db": "BID",
"id": "46767",
"ident": null
},
{
"date": "2021-08-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-213",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-0411",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "107027"
},
{
"db": "PACKETSTORM",
"id": "114177"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
}
],
"trust": 0.8
},
"title": {
"_id": null,
"data": "STARTTLS plaintext command injection vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-213"
}
],
"trust": 0.6
}
}
VAR-200106-0149
Vulnerability from variot - Updated: 2026-03-09 22:53Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. "The Bat!" is an MUA for Windows by Rit Research Labs. "The Bat!" is vulnerable to a remote denial of service attack. Email messages in which carriage return (CR) characters are not followed by a linefeed (LF) can cause "The Bat!" to incorrectly interpret the message's structure. This can lead "The Bat!" to read text in the message body as a response from the POP3 server. The current (corrupt) message will not be deleted from the server, and the mail download process will stop. As a result, the user will remain unable to receive new email messages from the affected POP3 account
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "imail",
"scope": "lte",
"trust": 1.0,
"vendor": "ipswitch",
"version": "6.06"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lotus",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rit",
"version": null
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "6.06"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.101"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.51"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.49"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.48"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.47"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.46"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.45"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.44"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.43"
},
{
"_id": null,
"model": "research labs the bat! f",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.42"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.42"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.41"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.39"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.36"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.35"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.34"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.33"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.32"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.31"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.22"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.21"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.19"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.18"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.17"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.15"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.14"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.5"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.1"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.043"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.041"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.039"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.036"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.035"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.032"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.031"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.029"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.028"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.015"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "eq",
"trust": 0.3,
"vendor": "rit",
"version": "1.011"
},
{
"_id": null,
"model": "research labs the bat!",
"scope": "ne",
"trust": 0.3,
"vendor": "rit",
"version": "1.52"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "BID",
"id": "2636"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"credits": {
"_id": null,
"data": "Reported to bugtraq by 3APA3A \u003c3APA3A@SECURITY.NNOV.RU\u003e on Wed, 18 Apr, 2001.",
"sources": [
{
"db": "BID",
"id": "2636"
}
],
"trust": 0.3
},
"cve": "CVE-2001-0494",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0494",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-3312",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0494",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#555464",
"trust": 0.8,
"value": "4.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#310816",
"trust": 0.8,
"value": "1.62"
},
{
"author": "CNNVD",
"id": "CNNVD-200106-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-3312",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"description": {
"_id": null,
"data": "Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. \"The Bat!\" is an MUA for Windows by Rit Research Labs. \n\"The Bat!\" is vulnerable to a remote denial of service attack. Email messages in which carriage return (CR) characters are not followed by a linefeed (LF) can cause \"The Bat!\" to incorrectly interpret the message\u0027s structure. This can lead \"The Bat!\" to read text in the message body as a response from the POP3 server. The current (corrupt) message will not be deleted from the server, and the mail download process will stop. \nAs a result, the user will remain unable to receive new email messages from the affected POP3 account",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0494"
},
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "BID",
"id": "2636"
},
{
"db": "VULHUB",
"id": "VHN-3312"
}
],
"trust": 2.7
},
"external_ids": {
"_id": null,
"data": [
{
"db": "OSVDB",
"id": "5610",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2001-0494",
"trust": 1.7
},
{
"db": "BID",
"id": "2636",
"trust": 1.1
},
{
"db": "BID",
"id": "2599",
"trust": 0.8
},
{
"db": "XF",
"id": "6350",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#555464",
"trust": 0.8
},
{
"db": "XF",
"id": "6423",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#310816",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136",
"trust": 0.7
},
{
"db": "XF",
"id": "6445",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20010424 IPSWITCH IMAIL 6.06 SMTP REMOTE SYSTEM ACCESS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-3312",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "BID",
"id": "2636"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"id": "VAR-200106-0149",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3312"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T22:53:45.338000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0433.html"
},
{
"trust": 1.7,
"url": "http://ipswitch.com/support/imail/news.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/5610"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6445"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2599"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/advisories/3208"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/6350.php"
},
{
"trust": 0.8,
"url": "http://www.notes.net/r5fixlist.nsf/a8f0ffda1fc76c8985256752006aba6c/59719a1dd92c03e385256a4d0073766b?opendocument"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2636"
},
{
"trust": 0.8,
"url": "http://www.ritlabs.com/the_bat/index.html"
},
{
"trust": 0.8,
"url": "http://www.security.nnov.ru/search/news.asp?binid=1136"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/static/6423.php"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/6445.php"
},
{
"trust": 0.3,
"url": "http://www.thebat.net"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555464"
},
{
"db": "CERT/CC",
"id": "VU#310816"
},
{
"db": "VULHUB",
"id": "VHN-3312"
},
{
"db": "BID",
"id": "2636"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
},
{
"db": "NVD",
"id": "CVE-2001-0494"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#555464",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#310816",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-3312",
"ident": null
},
{
"db": "BID",
"id": "2636",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200106-136",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2001-0494",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2001-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#555464",
"ident": null
},
{
"date": "2001-06-01T00:00:00",
"db": "CERT/CC",
"id": "VU#310816",
"ident": null
},
{
"date": "2001-06-27T00:00:00",
"db": "VULHUB",
"id": "VHN-3312",
"ident": null
},
{
"date": "2001-04-18T00:00:00",
"db": "BID",
"id": "2636",
"ident": null
},
{
"date": "2001-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200106-136",
"ident": null
},
{
"date": "2001-06-27T04:00:00",
"db": "NVD",
"id": "CVE-2001-0494",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2001-07-17T00:00:00",
"db": "CERT/CC",
"id": "VU#555464",
"ident": null
},
{
"date": "2001-08-30T00:00:00",
"db": "CERT/CC",
"id": "VU#310816",
"ident": null
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-3312",
"ident": null
},
{
"date": "2001-04-18T00:00:00",
"db": "BID",
"id": "2636",
"ident": null
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200106-136",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-0494",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Lotus Domino vulnerable to DoS via many large connects sent to 63148/TCP",
"sources": [
{
"db": "CERT/CC",
"id": "VU#555464"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200106-136"
}
],
"trust": 0.6
}
}
VAR-200102-0075
Vulnerability from variot - Updated: 2026-03-09 21:17IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. There is a vulnerability in IPSwitch IMail version 6.0.5. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary January 1, 2001 Volume 6 Number 2
The following computer security issues have been publicly reported and documented in the X-Force Vulnerability and Threat Database (http://xforce.iss.net).
This document is available at http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert Summaries: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: - - 'subscribe alert' (without the quotes).
Contents
115 Reported Vulnerabilities
Risk Factor Key
Date Reported: 12/31/00 Vulnerability: exmh-error-symlink Platforms Affected: exmh 2.2 and earlier Risk Factor: High Attack Type: Host Based Brief Description: exmh error message symlink X-Force URL: http://xforce.iss.net/static/5829.php
Date Reported: 12/30/00 Vulnerability: informix-webdriver-symlink Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Host Based Brief Description: Informix Webdriver symbolic link X-Force URL: http://xforce.iss.net/static/5827.php
Date Reported: 12/30/00 Vulnerability: informix-webdriver-admin-access Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Network Based Brief Description: Informix Webdriver remote Admin access X-Force URL: http://xforce.iss.net/static/5833.php
Date Reported: 12/29/00 Vulnerability: zonealarm-mutex-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial of service X-Force URL: http://xforce.iss.net/static/5821.php
Date Reported: 12/29/00 Vulnerability: zonealarm-batfile-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with a batch file X-Force URL: http://xforce.iss.net/static/5822.php
Date Reported: 12/29/00 Vulnerability: shockwave-flash-swf-bo Platforms Affected: Shockwave Plugin 8.0 and prior Risk Factor: High Attack Type: Network/Host Based Brief Description: Shockwave Flash SWF file buffer overflow X-Force URL: http://xforce.iss.net/static/5826.php
Date Reported: 12/29/00 Vulnerability: macos-multiple-users Platforms Affected: MacOS 9.0 Risk Factor: High Attack Type: Host Based Brief Description: Mac OS 'Multiple Users' bypass password X-Force URL: http://xforce.iss.net/static/5830.php
Date Reported: 12/28/00 Vulnerability: http-cgi-ikonboard Platforms Affected: Ikonboard 2.1.7b and prior Risk Factor: High Attack Type: Host Based Brief Description: Ikonboard allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5819.php
Date Reported: 12/27/00 Vulnerability: http-cgi-technote-main Platforms Affected: TECH-NOTE (000, 2001, Pro) Risk Factor: High Attack Type: Network Based Brief Description: TECH-NOTE main.cgi reveals files X-Force URL: http://xforce.iss.net/static/5813.php
Date Reported: 12/26/00 Vulnerability: xwindows-char-dos Platforms Affected: XFree86 Risk Factor: Low Attack Type: Network/Host Based Brief Description: X Windows multiple character denial of service X-Force URL: http://xforce.iss.net/static/5834.php
Date Reported: 12/25/00 Vulnerability: 1stup-mail-server-bo Platforms Affected: 1st Up Mail Server 4.1 Risk Factor: Medium Attack Type: Network Based Brief Description: 1st Up Mail Server buffer overflow X-Force URL: http://xforce.iss.net/static/5808.php
Date Reported: 12/25/00 Vulnerability: dialog-symlink Platforms Affected: Linux Debian 2.2 Risk Factor: High Attack Type: Host Based Brief Description: Linux dialog package symlink attack X-Force URL: http://xforce.iss.net/static/5809.php
Date Reported: 12/25/00 Vulnerability: ibm-wcs-admin Platforms Affected: IBM Websphere Commerce Suite Risk Factor: High Attack Type: Host Based Brief Description: IBM WCS admin.config allows user to execute arbitrary commands X-Force URL: http://xforce.iss.net/static/5831.php
Date Reported: 12/23/00 Vulnerability: http-cgi-technote-print Platforms Affected: TECH-NOTE (2000, 2001, Pro) Risk Factor: Medium Attack Type: Network Based Brief Description: TECH-NOTE print.cgi reveals files X-Force URL: http://xforce.iss.net/static/5815.php
Date Reported: 12/22/00 Vulnerability: iis-web-form-submit Platforms Affected: IIS (4.0, 5.0) Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IIS Web form submission X-Force URL: http://xforce.iss.net/static/5823.php
Date Reported: 12/21/00 Vulnerability: hpux-kermit-bo Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00) Risk Factor: Medium Attack Type: Host Based Brief Description: HP-UX kermit buffer overflow X-Force URL: http://xforce.iss.net/static/5793.php
Date Reported: 12/21/00 Vulnerability: bsguest-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bsguest.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5796.php
Date Reported: 12/21/00 Vulnerability: bslist-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bslist.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5797.php
Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php
Date Reported: 12/21/00 Vulnerability: oracle-execute-plsql Platforms Affected: Oracle Application Server Risk Factor: Medium Attack Type: Network Based Brief Description: Oracle remote procedure execution X-Force URL: http://xforce.iss.net/static/5817.php
Date Reported: 12/21/00 Vulnerability: ksh-redirection-symlink Platforms Affected: IRIX (6.2, 6.5.x) Solaris (2.5.1, 2.6, 7) HPUX 9.00 Digital Unix 5.0 Risk Factor: High Attack Type: Host Based Brief Description: ksh redirection symlink attack X-Force URL: http://xforce.iss.net/static/5811.php
Date Reported: 12/21/00 Vulnerability: oracle-webdb-admin-access Platforms Affected: Oracle Internet Application Server 3.0.7 Risk Factor: High Attack Type: Network/Host Based Brief Description: Oracle IAS allows administrative access X-Force URL: http://xforce.iss.net/static/5818.php
Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Web Scan Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php
Date Reported: 12/20/00 Vulnerability: gnupg-detached-sig-modify Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG allows users to modify signed messages with detached signatures X-Force URL: http://xforce.iss.net/static/5802.php
Date Reported: 12/20/00 Vulnerability: gnupg-reveal-private Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG will import private keys along with public keys X-Force URL: http://xforce.iss.net/static/5803.php
Date Reported: 12/20/00 Vulnerability: zonealarm-nmap-scans Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm does not detect NMAP scans X-Force URL: http://xforce.iss.net/static/5799.php
Date Reported: 12/20/00 Vulnerability: zonealarm-open-shares Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm open shares X-Force URL: http://xforce.iss.net/static/5825.php
Date Reported: 12/19/00 Vulnerability: win2k-index-service-activex Platforms Affected: Windows 2000 Risk Factor: Low Attack Type: Network/Host Based Brief Description: Windows 2000 Index Service ActiveX controls allow unauthorized access to file information X-Force URL: http://xforce.iss.net/static/5800.php
Date Reported: 12/19/00 Vulnerability: proftpd-size-memory-leak Platforms Affected: Proftpd Risk Factor: Low Attack Type: Network/Host Based Brief Description: proftpd memory leak when using SIZE command X-Force URL: http://xforce.iss.net/static/5801.php
Date Reported: 12/19/00 Vulnerability: weblogic-dot-bo Platforms Affected: WebLogic Risk Factor: Medium Attack Type: Network Based Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow X-Force URL: http://xforce.iss.net/static/5782.php
Date Reported: 12/19/00 Vulnerability: mdaemon-imap-dos Platforms Affected: MDaemon Risk Factor: Medium Attack Type: Network/Host Based Brief Description: MDaemon IMAP buffer overflow denial of service X-Force URL: http://xforce.iss.net/static/5805.php
Date Reported: 12/19/00 Vulnerability: zope-calculate-roles Platforms Affected: Zp[e Risk Factor: High Attack Type: Host Based Brief Description: zope package in Linux calculates local roles incorrectly X-Force URL: http://xforce.iss.net/static/5777.php
Date Reported: 12/19/00 Vulnerability: itetris-svgalib-path Platforms Affected: svgalib Risk Factor: High Attack Type: Host Based Brief Description: Itetris svgalib PATH X-Force URL: http://xforce.iss.net/static/5795.php
Date Reported: 12/18/00 Vulnerability: bsd-ftpd-replydirname-bo Platforms Affected: BSD Based Operating Systems Risk Factor: High Attack Type: Network Based Brief Description: BSD ftpd replydirname() function buffer overflow X-Force URL: http://xforce.iss.net/static/5776.php
Date Reported: 12/18/00 Vulnerability: sonata-command-execute Platforms Affected: Sonata Risk Factor: High Attack Type: Host Based Brief Description: Sonata argument command line execution X-Force URL: http://xforce.iss.net/static/5787.php
Date Reported: 12/18/00 Vulnerability: solaris-catman-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris catman command symlink attack X-Force URL: http://xforce.iss.net/static/5788.php
Date Reported: 12/18/00 Vulnerability: solaris-patchadd-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris patchadd symlink attack X-Force URL: http://xforce.iss.net/static/5789.php
Date Reported: 12/18/00 Vulnerability: stunnel-format-logfile Platforms Affected: Stunnel Risk Factor: High Attack Type: Network Based Brief Description: Stunnel format allows user to write to logfile X-Force URL: http://xforce.iss.net/static/5807.php
Date Reported: 12/17/00 Vulnerability: hp-top-sys-files Platforms Affected: HPUX Risk Factor: Low Attack Type: Host Based Brief Description: HP-UX top command could be used to overwrite files X-Force URL: http://xforce.iss.net/static/5773.php
Date Reported: 12/16/00 Vulnerability: zope-legacy-names Platforms Affected: Zope Risk Factor: Medium Attack Type: Network Based Brief Description: Linux zope package "legacy" names X-Force URL: http://xforce.iss.net/static/5824.php
Date Reported: 12/15/00 Vulnerability: mrj-runtime-malicious-applets Platforms Affected: MRJ Risk Factor: Low Attack Type: Host Based Brief Description: MRJ runtime environment could allow malicious applets to be executed X-Force URL: http://xforce.iss.net/static/5784.php
Date Reported: 12/14/00 Vulnerability: coffeecup-ftp-weak-encryption Platforms Affected: CoffeeCup FTP Risk Factor: Low Attack Type: Host Based Brief Description: CoffeeCup FTP client has weak password encryption X-Force URL: http://xforce.iss.net/static/5744.php
Date Reported: 12/14/00 Vulnerability: watchguard-soho-fragmented-packets Platforms Affected: WatchGuard Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall fragmented IP packet attack X-Force URL: http://xforce.iss.net/static/5749.php
Date Reported: 12/14/00 Vulnerability: jpilot-perms Platforms Affected: J-Pilot Risk Factor: Medium Attack Type: Host Based Brief Description: J-Pilot permissions could reveal sensitive information X-Force URL: http://xforce.iss.net/static/5762.php
Date Reported: 12/14/00 Vulnerability: mediaservices-dropped-connection-dos Platforms Affected: Microsoft Media Services Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft Media Services dropped connection denial of service X-Force URL: http://xforce.iss.net/static/5785.php
Date Reported: 12/14/00 Vulnerability: watchguard-soho-web-auth Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO Web config server could allow unauthenticated access X-Force URL: http://xforce.iss.net/static/5554.php
Date Reported: 12/14/00 Vulnerability: watchguard-soho-passcfg-reset Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO administrator password can be remotely reset X-Force URL: http://xforce.iss.net/static/5742.php
Date Reported: 12/14/00 Vulnerability: http-cgi-simplestguest Platforms Affected: simplestguest.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestguest.cgi input validation error X-Force URL: http://xforce.iss.net/static/5743.php
Date Reported: 12/14/00 Vulnerability: safeword-palm-pin-extraction Platforms Affected: SafeWord e.iD Palm Authenticator Risk Factor: High Attack Type: Network/Host Based Brief Description: SafeWord and e.iD Palm Authenticator allows attacker to clone Palm device X-Force URL: http://xforce.iss.net/static/5753.php
Date Reported: 12/14/00 Vulnerability: mdaemon-lock-bypass-password Platforms Affected: MDaemon Risk Factor: High Attack Type: Host Based Brief Description: MDaemon "lock" bypass password X-Force URL: http://xforce.iss.net/static/5763.php
Date Reported: 12/13/00 Vulnerability: cisco-catalyst-ssh-mismatch Platforms Affected: Cisco Catalyst Risk Factor: Low Attack Type: Network Based Brief Description: Cisco Catalyst SSH protocol mismatch X-Force URL: http://xforce.iss.net/static/5760.php
Date Reported: 12/13/00 Vulnerability: microsoft-iis-file-disclosure Platforms Affected: IIS Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft IIS Far East editions file disclosure X-Force URL: http://xforce.iss.net/static/5729.php
Date Reported: 12/13/00 Vulnerability: ezshopper-cgi-file-disclosure Platforms Affected: loadpage.cgi Risk Factor: Medium Attack Type: Network Based Brief Description: EZshopper loadpage.cgi file disclosure X-Force URL: http://xforce.iss.net/static/5740.php
Date Reported: 12/13/00 Vulnerability: winnt-mstask-dos Platforms Affected: Windows NT Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Windows NT MSTask.exe denial of service X-Force URL: http://xforce.iss.net/static/5746.php
Date Reported: 12/13/00 Vulnerability: bftpd-site-chown-bo Platforms Affected: BFTPD Risk Factor: High Attack Type: Network Based Brief Description: BFTPD SITE CHOWN buffer overflow X-Force URL: http://xforce.iss.net/static/5775.php
Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php
Date Reported: 12/12/00 Vulnerability: subscribemelite-gain-admin-access Platforms Affected: Subscribe Me Lite Risk Factor: Medium Attack Type: Network Based Brief Description: Subscribe Me Lite mailing list manager unauthorized access X-Force URL: http://xforce.iss.net/static/5735.php
Date Reported: 12/12/00 Vulnerability: zope-image-file Platforms Affected: Zope Risk Factor: Medium Attack Type: Host Based Brief Description: Linux zope package Image and File objects X-Force URL: http://xforce.iss.net/static/5778.php
Date Reported: 12/12/00 Vulnerability: http-cgi-everythingform Platforms Affected: everythingform.cgi Risk Factor: High Attack Type: Network Based Brief Description: everythingform.cgi input validation error X-Force URL: http://xforce.iss.net/static/5736.php
Date Reported: 12/12/00 Vulnerability: http-cgi-simplestmail Platforms Affected: simplestmail.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestmail.cgi input validation error X-Force URL: http://xforce.iss.net/static/5739.php
Date Reported: 12/12/00 Vulnerability: http-cgi-ad Platforms Affected: ad.cgi Risk Factor: High Attack Type: Network Based Brief Description: ad.cgi input validation error X-Force URL: http://xforce.iss.net/static/5741.php
Date Reported: 12/12/00 Vulnerability: kde-kmail-weak-encryption Platforms Affected: KDE KMail Risk Factor: High Attack Type: Network/Host Based Brief Description: KDE KMail weak password encryption X-Force URL: http://xforce.iss.net/static/5761.php
Date Reported: 12/12/00 Vulnerability: aolim-buddyicon-bo Platforms Affected: AOL Instant Messenger Risk Factor: High Attack Type: Network/Host Based Brief Description: AOL Instant Messenger Buddy Icon buffer overflow X-Force URL: http://xforce.iss.net/static/5786.php
Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php
Date Reported: 12/11/00 Vulnerability: rppppoe-zero-length-dos Platforms Affected: rp-pppoe Risk Factor: Medium Attack Type: Network Based Brief Description: rp-pppoe "zero-length" option denial of service X-Force URL: http://xforce.iss.net/static/5727.php
Date Reported: 12/11/00 Vulnerability: proftpd-modsqlpw-unauth-access Platforms Affected: ProFTPd Risk Factor: Medium Attack Type: Network Based Brief Description: ProFTPD system using mod_sqlpw unauthorized access X-Force URL: http://xforce.iss.net/static/5737.php
Date Reported: 12/11/00 Vulnerability: gnu-ed-symlink Platforms Affected: GNU ed Risk Factor: High Attack Type: Host Based Brief Description: GNU ed symlink X-Force URL: http://xforce.iss.net/static/5723.php
Date Reported: 12/11/00 Vulnerability: oops-ftputils-bo Platforms Affected: Oops Proxy Server Risk Factor: High Attack Type: Network/Host Based Brief Description: Oops Proxy Server ftp_utils buffer overflow X-Force URL: http://xforce.iss.net/static/5725.php
Date Reported: 12/11/00 Vulnerability: oracle-oidldap-write-permission Platforms Affected: Oracle Internet Directory Risk Factor: High Attack Type: Host Based Brief Description: Oracle Internet Directory write permission X-Force URL: http://xforce.iss.net/static/5804.php
Date Reported: 12/9/00 Vulnerability: foolproof-security-bypass Platforms Affected: FoolProof Risk Factor: High Attack Type: Host Based Brief Description: FoolProof Security restriction bypass using FTP X-Force URL: http://xforce.iss.net/static/5758.php
Date Reported: 12/8/00 Vulnerability: broadvision-bv1to1-reveal-path Platforms Affected: BroadVision One-To-One Enterprise Server Risk Factor: Low Attack Type: Network Based Brief Description: BroadVision One-To-One Enterprise Server reveals path to server X-Force URL: http://xforce.iss.net/static/5661.php
Date Reported: 12/8/00 Vulnerability: ssldump-format-strings Platforms Affected: ssldump Risk Factor: Medium Attack Type: Network Based Brief Description: ssldump format string could allow arbitrary execution of code X-Force URL: http://xforce.iss.net/static/5717.php
Date Reported: 12/8/00 Vulnerability: coldfusion-sample-dos Platforms Affected: ColdFusion Risk Factor: Medium Attack Type: Network/Host Based Brief Description: ColdFusion sample script denial of service X-Force URL: http://xforce.iss.net/static/5755.php
Date Reported: 12/8/00 Vulnerability: kerberos4-arbitrary-proxy Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 arbitrary proxy enviornment variable X-Force URL: http://xforce.iss.net/static/5733.php
Date Reported: 12/8/00 Vulnerability: kerberos4-auth-packet-overflow Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 authentication packet buffer overflow X-Force URL: http://xforce.iss.net/static/5734.php
Date Reported: 12/8/00 Vulnerability: kerberos4-user-config Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 user supplied configuration files X-Force URL: http://xforce.iss.net/static/5738.php
Date Reported: 12/8/00 Vulnerability: kerberos4-tmpfile-dos Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 race condition X-Force URL: http://xforce.iss.net/static/5754.php
Date Reported: 12/7/00 Vulnerability: homeseer-directory-traversal Platforms Affected: HomeSeer Risk Factor: Low Attack Type: Network Based Brief Description: HomeSeer allows directory traversal X-Force URL: http://xforce.iss.net/static/5663.php
Date Reported: 12/7/00 Vulnerability: offline-explorer-reveal-files Platforms Affected: MetaProducts Offline Explorer Risk Factor: Low Attack Type: Network/Host Based Brief Description: MetaProducts Offline Explorer can reveal file system X-Force URL: http://xforce.iss.net/static/5728.php
Date Reported: 12/7/00 Vulnerability: imail-smtp-auth-dos Platforms Affected: IMail Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IMail SMTP auth denial of service X-Force URL: http://xforce.iss.net/static/5674.php
Date Reported: 12/6/00 Vulnerability: apc-apcupsd-dos Platforms Affected: APC apcupsd Risk Factor: Medium Attack Type: Host Based Brief Description: APC apcupsd denial of service X-Force URL: http://xforce.iss.net/static/5654.php
Date Reported: 12/6/00 Vulnerability: cisco-catalyst-telnet-dos Platforms Affected: Cisco Catalyst Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Cisco Catalyst telnet server memory leak denial of service X-Force URL: http://xforce.iss.net/static/5656.php
Date Reported: 12/6/00 Vulnerability: apache-php-disclose-files Platforms Affected: Apache Web server Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Apache Web server discloses files when used with php script X-Force URL: http://xforce.iss.net/static/5659.php
Date Reported: 12/6/00 Vulnerability: ultraseek-reveal-path Platforms Affected: Ultraseek Risk Factor: Medium Attack Type: Network Based Brief Description: Ultraseek Server can reveal the path and source code to certain files X-Force URL: http://xforce.iss.net/static/5660.php
Date Reported: 12/6/00 Vulnerability: irc-dreamforge-dns-dos Platforms Affected: DreamForge IRCd Risk Factor: Medium Attack Type: Network Based Brief Description: DreamForge IRCd DNS denial of service X-Force URL: http://xforce.iss.net/static/5721.php
Date Reported: 12/6/00 Vulnerability: mailman-alternate-templates Platforms Affected: MailMan Risk Factor: High Attack Type: Network Based Brief Description: MailMan Alternate Templates form variable allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5649.php
Date Reported: 12/6/00 Vulnerability: phpgroupware-include-files Platforms Affected: Risk Factor: High Attack Type: Network Based Brief Description: phpGroupWare include files allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5650.php
Date Reported: 12/6/00 Vulnerability: markvision-printer-driver-bo Platforms Affected: Lexmark MarkVision Risk Factor: High Attack Type: Host Based Brief Description: Lexmark MarkVision printer drivers for Unix buffer overflows X-Force URL: http://xforce.iss.net/static/5651.php
Date Reported: 12/6/00 Vulnerability: nt-ras-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Host Based Brief Description: Windows NT RAS registry permissions X-Force URL: http://xforce.iss.net/static/5671.php
Date Reported: 12/6/00 Vulnerability: nt-snmp-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT SNMP registry permissions X-Force URL: http://xforce.iss.net/static/5672.php
Date Reported: 12/6/00 Vulnerability: nt-mts-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT MTS registry permissions X-Force URL: http://xforce.iss.net/static/5673.php
Date Reported: 12/6/00 Vulnerability: irc-bitchx-dns-bo Platforms Affected: BitchX Risk Factor: High Attack Type: Network Based Brief Description: BitchX IRC DNS buffer overflow X-Force URL: http://xforce.iss.net/static/5701.php
Date Reported: 12/5/00 Vulnerability: ibm-db2-gain-access Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database can give access through default username and password X-Force URL: http://xforce.iss.net/static/5662.php
Date Reported: 12/5/00 Vulnerability: ibm-db2-dos Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database denial of service X-Force URL: http://xforce.iss.net/static/5664.php
Date Reported: 12/5/00 Vulnerability: vsu-source-routing Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain source routing X-Force URL: http://xforce.iss.net/static/5667.php
Date Reported: 12/5/00 Vulnerability: vsu-ip-bridging Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain bridging code X-Force URL: http://xforce.iss.net/static/5670.php
Date Reported: 12/5/00 Vulnerability: ftp-servu-homedir-travers Platforms Affected: Serv-U FTP Risk Factor: High Attack Type: Network/Host Based Brief Description: FTP Serv-U home directory traversal could allow access to FTProot X-Force URL: http://xforce.iss.net/static/5639.php
Date Reported: 12/4/00 Vulnerability: cisco-cbos-web-access Platforms Affected: CISCO CBOS Risk Factor: Medium Attack Type: Network Based Brief Description: Cisco CBOS Web access enabled denial of service X-Force URL: http://xforce.iss.net/static/5626.php
Date Reported: 12/4/00 Vulnerability: watchguard-soho-get-dos Platforms Affected: WatchGuard SOHO Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall multiple GET requests denial of service X-Force URL: http://xforce.iss.net/static/5665.php
Date Reported: 12/4/00 Vulnerability: phone-book-service-bo Platforms Affected: Windows 2000 Windows NT Risk Factor: High Attack Type: Network Based Brief Description: Windows NT and 2000 Phone Book service buffer overflow X-Force URL: http://xforce.iss.net/static/5623.php
Date Reported: 12/4/00 Vulnerability: cisco-cbos-syn-packets Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS SYN packets denial of service X-Force URL: http://xforce.iss.net/static/5627.php
Date Reported: 12/4/00 Vulnerability: cisco-cbos-invalid-login Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS does not log invalid logins X-Force URL: http://xforce.iss.net/static/5628.php
Date Reported: 12/4/00 Vulnerability: cisco-cbos-icmp-echo Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS large ICMP ECHO packet denial of service X-Force URL: http://xforce.iss.net/static/5629.php
Date Reported: 12/2/00 Vulnerability: phpweblog-bypass-authentication Platforms Affected: phpWebLog Risk Factor: High Attack Type: Host Based Brief Description: phpWebLog allows users to bypass authentication X-Force URL: http://xforce.iss.net/static/5625.php
Date Reported: 12/1/00 Vulnerability: linux-diskcheck-race-symlink Platforms Affected: Linux Risk Factor: Low Attack Type: Host Based Brief Description: Linux diskcheck race condition could allow a tmp file symbolic link attack X-Force URL: http://xforce.iss.net/static/5624.php
Date Reported: 12/1/00 Vulnerability: ie-form-file-upload Platforms Affected: Microsoft Internet Explorer Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Internet Explorer file upload form X-Force URL: http://xforce.iss.net/static/5615.php
Date Reported: 12/1/00 Vulnerability: mssql-xp-paraminfo-bo Platforms Affected: Risk Factor: Medium Attack Type: Host Based Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow X-Force URL: http://xforce.iss.net/static/5622.php
Date Reported: 12/1/00 Vulnerability: majordomo-auth-execute-commands Platforms Affected: Majordomo Risk Factor: High Attack Type: Network Based Brief Description: Majordomo allows administrative access without password X-Force URL: http://xforce.iss.net/static/5611.php
Date Reported: 12/1/00 Vulnerability: ie-print-template Platforms Affected: Microsoft Internet Explorer Risk Factor: High Attack Type: Network/Host Based Brief Description: Internet Explorer print template X-Force URL: http://xforce.iss.net/static/5614.php
Date Reported: 12/1/00 Vulnerability: aix-piobe-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX piobe buffer overflow X-Force URL: http://xforce.iss.net/static/5616.php
Date Reported: 12/1/00 Vulnerability: aix-pioout-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX pioout buffer overflow X-Force URL: http://xforce.iss.net/static/5617.php
Date Reported: 12/1/00 Vulnerability: aix-setclock-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setclock buffer overflow X-Force URL: http://xforce.iss.net/static/5618.php
Date Reported: 12/1/00 Vulnerability: aix-enq-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX enq buffer overflow X-Force URL: http://xforce.iss.net/static/5619.php
Date Reported: 12/1/00 Vulnerability: aix-digest-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX digest buffer overflow X-Force URL: http://xforce.iss.net/static/5620.php
Date Reported: 12/1/00 Vulnerability: aix-setsenv-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setsenv buffer overflow X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php. To receive these Alerts and Advisories: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: 'subscribe alert' (without the quotes).
About Internet Security Systems (ISS) Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading global provider of security management solutions for the Internet. By combining best of breed products, security management services, aggressive research and development, and comprehensive educational and consulting services, ISS is the trusted security advisor for thousands of organizations around the world looking to protect their mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert electronically. It is not to be edited in any way without express consent of the X-Force. If you wish to reprint the whole or any part of this Alert in any other medium excluding electronic medium, please e-mail xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0 LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw jbM10AXVSHw= =5U+8 -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#610904"
},
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"cve": "CVE-2001-0039",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0039",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-2861",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0039",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#610904",
"trust": 0.8,
"value": "3.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#739201",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#808633",
"trust": 0.8,
"value": "5.36"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#872257",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#886953",
"trust": 0.8,
"value": "15.19"
},
{
"author": "CNNVD",
"id": "CNNVD-200102-106",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-2861",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#610904"
},
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"description": {
"_id": null,
"data": "IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. There is a vulnerability in IPSwitch IMail version 6.0.5. -----BEGIN PGP SIGNED MESSAGE-----\n\nInternet Security Systems Security Alert Summary\nJanuary 1, 2001\nVolume 6 Number 2\n\nThe following computer security issues have been publicly reported and \ndocumented in the X-Force Vulnerability and Threat Database\n(http://xforce.iss.net). \n\nThis document is available at\nhttp://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert\nSummaries:\n- - Subscribe to the Alert mailing list from \nhttp://xforce.iss.net/maillists/index.php\n- -\tOr send an email to majordomo@iss.net, and within the body of the\nmessage type: \n- -\t\u0027subscribe alert\u0027 (without the quotes). \n_____\n\nContents\n\n115 Reported Vulnerabilities\n\nRisk Factor Key\n\n_____\n\nDate Reported: 12/31/00\nVulnerability: exmh-error-symlink\nPlatforms Affected: exmh 2.2 and earlier\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: exmh error message symlink\nX-Force URL: http://xforce.iss.net/static/5829.php\n\n_____\n\nDate Reported: 12/30/00\nVulnerability: informix-webdriver-symlink\nPlatforms Affected: Informix Webdriver\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Informix Webdriver symbolic link\nX-Force URL: http://xforce.iss.net/static/5827.php\n\n_____\n\nDate Reported: 12/30/00\nVulnerability: informix-webdriver-admin-access\nPlatforms Affected: Informix Webdriver\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: Informix Webdriver remote Admin access\nX-Force URL: http://xforce.iss.net/static/5833.php\n\n_____\n\nDate Reported: 12/29/00\nVulnerability: zonealarm-mutex-dos\nPlatforms Affected: ZoneAlarm Pro\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial\nof service\nX-Force URL: http://xforce.iss.net/static/5821.php\n\n_____\n\nDate Reported: 12/29/00\nVulnerability: zonealarm-batfile-dos\nPlatforms Affected: ZoneAlarm Pro\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with\na batch file\nX-Force URL: http://xforce.iss.net/static/5822.php\n\n_____\n\nDate Reported: 12/29/00\nVulnerability: shockwave-flash-swf-bo\nPlatforms Affected: Shockwave Plugin 8.0 and prior\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: Shockwave Flash SWF file buffer overflow\nX-Force URL: http://xforce.iss.net/static/5826.php\n\n_____\n\nDate Reported: 12/29/00\nVulnerability: macos-multiple-users\nPlatforms Affected: MacOS 9.0\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Mac OS \u0027Multiple Users\u0027 bypass password\nX-Force URL: http://xforce.iss.net/static/5830.php\n\n_____\n\nDate Reported: 12/28/00\nVulnerability: http-cgi-ikonboard\nPlatforms Affected: Ikonboard 2.1.7b and prior\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Ikonboard allows remote attacker to execute\ncommands\nX-Force URL: http://xforce.iss.net/static/5819.php\n\n_____\n\nDate Reported: 12/27/00\nVulnerability: http-cgi-technote-main\nPlatforms Affected: TECH-NOTE (000, 2001, Pro)\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: TECH-NOTE main.cgi reveals files\nX-Force URL: http://xforce.iss.net/static/5813.php\n\n_____\n\nDate Reported: 12/26/00\nVulnerability: xwindows-char-dos\nPlatforms Affected: XFree86\nRisk Factor: Low\nAttack Type: Network/Host Based\nBrief Description: X Windows multiple character denial of service\nX-Force URL: http://xforce.iss.net/static/5834.php\n\n_____\n\nDate Reported: 12/25/00\nVulnerability: 1stup-mail-server-bo\nPlatforms Affected: 1st Up Mail Server 4.1\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: 1st Up Mail Server buffer overflow\nX-Force URL: http://xforce.iss.net/static/5808.php\n\n_____\n\nDate Reported: 12/25/00\nVulnerability: dialog-symlink\nPlatforms Affected: Linux Debian 2.2\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Linux dialog package symlink attack\nX-Force URL: http://xforce.iss.net/static/5809.php\n\n_____\n\nDate Reported: 12/25/00\nVulnerability: ibm-wcs-admin\nPlatforms Affected: IBM Websphere Commerce Suite\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: IBM WCS admin.config allows user to execute\narbitrary commands\nX-Force URL: http://xforce.iss.net/static/5831.php\n\n_____\n\nDate Reported: 12/23/00\nVulnerability: http-cgi-technote-print\nPlatforms Affected: TECH-NOTE (2000, 2001, Pro)\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: TECH-NOTE print.cgi reveals files\nX-Force URL: http://xforce.iss.net/static/5815.php\n\n_____\n\nDate Reported: 12/22/00\nVulnerability: iis-web-form-submit\nPlatforms Affected: IIS (4.0, 5.0)\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: IIS Web form submission\nX-Force URL: http://xforce.iss.net/static/5823.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: hpux-kermit-bo\nPlatforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: HP-UX kermit buffer overflow\nX-Force URL: http://xforce.iss.net/static/5793.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: bsguest-cgi-execute-commands\nPlatforms Affected: Linux\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: bsguest.cgi allows remote execution of commands on\nserver\nX-Force URL: http://xforce.iss.net/static/5796.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: bslist-cgi-execute-commands\nPlatforms Affected: Linux\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: bslist.cgi allows remote execution of commands on\nserver\nX-Force URL: http://xforce.iss.net/static/5797.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: infinite-interchange-dos\nPlatforms Affected: Infinite Interchange 3.61\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: Infinite InterChange denial of service\nX-Force URL: http://xforce.iss.net/static/5798.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: oracle-execute-plsql\nPlatforms Affected: Oracle Application Server\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: Oracle remote procedure execution\nX-Force URL: http://xforce.iss.net/static/5817.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: ksh-redirection-symlink\nPlatforms Affected: IRIX (6.2, 6.5.x)\n Solaris (2.5.1, 2.6, 7)\n HPUX 9.00\n Digital Unix 5.0\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: ksh redirection symlink attack\nX-Force URL: http://xforce.iss.net/static/5811.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: oracle-webdb-admin-access\nPlatforms Affected: Oracle Internet Application Server 3.0.7\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: Oracle IAS allows administrative access\nX-Force URL: http://xforce.iss.net/static/5818.php\n\n_____\n\nDate Reported: 12/21/00\nVulnerability: infinite-interchange-dos\nPlatforms Affected: Infinite Interchange 3.61\nRisk Factor: Web Scan\nAttack Type: Network/Host Based\nBrief Description: Infinite InterChange denial of service\nX-Force URL: http://xforce.iss.net/static/5798.php\n\n_____\n\nDate Reported: 12/20/00\nVulnerability: gnupg-detached-sig-modify\nPlatforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: GnuPG allows users to modify signed messages with\ndetached signatures\nX-Force URL: http://xforce.iss.net/static/5802.php\n\n_____\n\nDate Reported: 12/20/00\nVulnerability: gnupg-reveal-private\nPlatforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: GnuPG will import private keys along with public\nkeys\nX-Force URL: http://xforce.iss.net/static/5803.php\n\n_____\n\nDate Reported: 12/20/00\nVulnerability: zonealarm-nmap-scans\nPlatforms Affected: ZoneAlarm\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: ZoneAlarm does not detect NMAP scans\nX-Force URL: http://xforce.iss.net/static/5799.php\n\n_____\n\nDate Reported: 12/20/00\nVulnerability: zonealarm-open-shares\nPlatforms Affected: ZoneAlarm\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: ZoneAlarm open shares\nX-Force URL: http://xforce.iss.net/static/5825.php\n\n_____\n\nDate Reported: 12/19/00\nVulnerability: win2k-index-service-activex\nPlatforms Affected: Windows 2000\nRisk Factor: Low\nAttack Type: Network/Host Based\nBrief Description: Windows 2000 Index Service ActiveX controls allow\nunauthorized access to file information\nX-Force URL: http://xforce.iss.net/static/5800.php\n\n_____\n\nDate Reported: 12/19/00\nVulnerability: proftpd-size-memory-leak\nPlatforms Affected: Proftpd\nRisk Factor: Low\nAttack Type: Network/Host Based\nBrief Description: proftpd memory leak when using SIZE command\nX-Force URL: http://xforce.iss.net/static/5801.php\n\n_____\n\nDate Reported: 12/19/00\nVulnerability: weblogic-dot-bo\nPlatforms Affected: WebLogic\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: BEA WebLogic Server \"dotdot\" URL buffer overflow\nX-Force URL: http://xforce.iss.net/static/5782.php\n\n_____\n\nDate Reported: 12/19/00\nVulnerability: mdaemon-imap-dos\nPlatforms Affected: MDaemon\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: MDaemon IMAP buffer overflow denial of service\nX-Force URL: http://xforce.iss.net/static/5805.php\n\n_____\n\nDate Reported: 12/19/00\nVulnerability: zope-calculate-roles\nPlatforms Affected: Zp[e\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: zope package in Linux calculates local roles\nincorrectly\nX-Force URL: http://xforce.iss.net/static/5777.php\n\n_____\n\nDate Reported: 12/19/00\nVulnerability: itetris-svgalib-path\nPlatforms Affected: svgalib\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Itetris svgalib PATH\nX-Force URL: http://xforce.iss.net/static/5795.php\n\n_____\n\nDate Reported: 12/18/00\nVulnerability: bsd-ftpd-replydirname-bo\nPlatforms Affected: BSD Based Operating Systems\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: BSD ftpd replydirname() function buffer overflow\nX-Force URL: http://xforce.iss.net/static/5776.php\n\n_____\n\nDate Reported: 12/18/00\nVulnerability: sonata-command-execute\nPlatforms Affected: Sonata\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Sonata argument command line execution\nX-Force URL: http://xforce.iss.net/static/5787.php\n\n_____\n\nDate Reported: 12/18/00\nVulnerability: solaris-catman-symlink\nPlatforms Affected: Solaris\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Solaris catman command symlink attack\nX-Force URL: http://xforce.iss.net/static/5788.php\n\n_____\n\nDate Reported: 12/18/00\nVulnerability: solaris-patchadd-symlink\nPlatforms Affected: Solaris\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Solaris patchadd symlink attack\nX-Force URL: http://xforce.iss.net/static/5789.php\n\n_____\n\nDate Reported: 12/18/00\nVulnerability: stunnel-format-logfile\nPlatforms Affected: Stunnel\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: Stunnel format allows user to write to logfile\nX-Force URL: http://xforce.iss.net/static/5807.php\n\n_____\n\nDate Reported: 12/17/00\nVulnerability: hp-top-sys-files\nPlatforms Affected: HPUX\nRisk Factor: Low\nAttack Type: Host Based\nBrief Description: HP-UX top command could be used to overwrite files\nX-Force URL: http://xforce.iss.net/static/5773.php\n\n_____\n\nDate Reported: 12/16/00\nVulnerability: zope-legacy-names\nPlatforms Affected: Zope\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: Linux zope package \"legacy\" names\nX-Force URL: http://xforce.iss.net/static/5824.php\n\n_____\n\nDate Reported: 12/15/00\nVulnerability: mrj-runtime-malicious-applets\nPlatforms Affected: MRJ\nRisk Factor: Low\nAttack Type: Host Based\nBrief Description: MRJ runtime environment could allow malicious\napplets to be executed\nX-Force URL: http://xforce.iss.net/static/5784.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: coffeecup-ftp-weak-encryption\nPlatforms Affected: CoffeeCup FTP\nRisk Factor: Low\nAttack Type: Host Based\nBrief Description: CoffeeCup FTP client has weak password encryption\nX-Force URL: http://xforce.iss.net/static/5744.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: watchguard-soho-fragmented-packets\nPlatforms Affected: WatchGuard\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: WatchGuard SOHO Firewall fragmented IP packet\nattack\nX-Force URL: http://xforce.iss.net/static/5749.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: jpilot-perms\nPlatforms Affected: J-Pilot\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: J-Pilot permissions could reveal sensitive\ninformation\nX-Force URL: http://xforce.iss.net/static/5762.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: mediaservices-dropped-connection-dos\nPlatforms Affected: Microsoft Media Services\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: Microsoft Media Services dropped connection denial\nof service\nX-Force URL: http://xforce.iss.net/static/5785.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: watchguard-soho-web-auth\nPlatforms Affected: WatchGuard\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: WatchGuard SOHO Web config server could allow\nunauthenticated access\nX-Force URL: http://xforce.iss.net/static/5554.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: watchguard-soho-passcfg-reset\nPlatforms Affected: WatchGuard\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: WatchGuard SOHO administrator password can be\nremotely reset\nX-Force URL: http://xforce.iss.net/static/5742.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: http-cgi-simplestguest\nPlatforms Affected: simplestguest.cgi\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: simplestguest.cgi input validation error\nX-Force URL: http://xforce.iss.net/static/5743.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: safeword-palm-pin-extraction\nPlatforms Affected: SafeWord\n e.iD Palm Authenticator\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: SafeWord and e.iD Palm Authenticator allows\nattacker to clone Palm device\nX-Force URL: http://xforce.iss.net/static/5753.php\n\n_____\n\nDate Reported: 12/14/00\nVulnerability: mdaemon-lock-bypass-password\nPlatforms Affected: MDaemon\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: MDaemon \"lock\" bypass password\nX-Force URL: http://xforce.iss.net/static/5763.php\n\n_____\n\nDate Reported: 12/13/00\nVulnerability: cisco-catalyst-ssh-mismatch\nPlatforms Affected: Cisco Catalyst\nRisk Factor: Low\nAttack Type: Network Based\nBrief Description: Cisco Catalyst SSH protocol mismatch\nX-Force URL: http://xforce.iss.net/static/5760.php\n\n_____\n\nDate Reported: 12/13/00\nVulnerability: microsoft-iis-file-disclosure\nPlatforms Affected: IIS\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: Microsoft IIS Far East editions file disclosure\nX-Force URL: http://xforce.iss.net/static/5729.php\n\n_____\n\nDate Reported: 12/13/00\nVulnerability: ezshopper-cgi-file-disclosure\nPlatforms Affected: loadpage.cgi\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: EZshopper loadpage.cgi file disclosure\nX-Force URL: http://xforce.iss.net/static/5740.php\n\n_____\n\nDate Reported: 12/13/00\nVulnerability: winnt-mstask-dos\nPlatforms Affected: Windows NT\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: Windows NT MSTask.exe denial of service\nX-Force URL: http://xforce.iss.net/static/5746.php\n\n_____\n\nDate Reported: 12/13/00\nVulnerability: bftpd-site-chown-bo\nPlatforms Affected: BFTPD\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: BFTPD SITE CHOWN buffer overflow\nX-Force URL: http://xforce.iss.net/static/5775.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: aim-remote-bo\nPlatforms Affected: AOL Instant Messenger\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: AOL Instant Messenger buffer overflow\nX-Force URL: http://xforce.iss.net/static/5732.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: subscribemelite-gain-admin-access\nPlatforms Affected: Subscribe Me Lite\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: Subscribe Me Lite mailing list manager\nunauthorized access\nX-Force URL: http://xforce.iss.net/static/5735.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: zope-image-file\nPlatforms Affected: Zope\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: Linux zope package Image and File objects\nX-Force URL: http://xforce.iss.net/static/5778.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: http-cgi-everythingform\nPlatforms Affected: everythingform.cgi\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: everythingform.cgi input validation error\nX-Force URL: http://xforce.iss.net/static/5736.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: http-cgi-simplestmail\nPlatforms Affected: simplestmail.cgi\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: simplestmail.cgi input validation error\nX-Force URL: http://xforce.iss.net/static/5739.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: http-cgi-ad\nPlatforms Affected: ad.cgi\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: ad.cgi input validation error\nX-Force URL: http://xforce.iss.net/static/5741.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: kde-kmail-weak-encryption\nPlatforms Affected: KDE KMail\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: KDE KMail weak password encryption\nX-Force URL: http://xforce.iss.net/static/5761.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: aolim-buddyicon-bo\nPlatforms Affected: AOL Instant Messenger\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: AOL Instant Messenger Buddy Icon buffer overflow\nX-Force URL: http://xforce.iss.net/static/5786.php\n\n_____\n\nDate Reported: 12/12/00\nVulnerability: aim-remote-bo\nPlatforms Affected: AOL Instant Messenger\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: AOL Instant Messenger buffer overflow\nX-Force URL: http://xforce.iss.net/static/5732.php\n\n_____\n\nDate Reported: 12/11/00\nVulnerability: rppppoe-zero-length-dos\nPlatforms Affected: rp-pppoe\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: rp-pppoe \"zero-length\" option denial of service\nX-Force URL: http://xforce.iss.net/static/5727.php\n\n_____\n\nDate Reported: 12/11/00\nVulnerability: proftpd-modsqlpw-unauth-access\nPlatforms Affected: ProFTPd\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: ProFTPD system using mod_sqlpw unauthorized access\nX-Force URL: http://xforce.iss.net/static/5737.php\n\n_____\n\nDate Reported: 12/11/00\nVulnerability: gnu-ed-symlink\nPlatforms Affected: GNU ed\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: GNU ed symlink\nX-Force URL: http://xforce.iss.net/static/5723.php\n\n_____\n\nDate Reported: 12/11/00\nVulnerability: oops-ftputils-bo\nPlatforms Affected: Oops Proxy Server\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: Oops Proxy Server ftp_utils buffer overflow\nX-Force URL: http://xforce.iss.net/static/5725.php\n\n_____\n\nDate Reported: 12/11/00\nVulnerability: oracle-oidldap-write-permission\nPlatforms Affected: Oracle Internet Directory\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Oracle Internet Directory write permission\nX-Force URL: http://xforce.iss.net/static/5804.php\n\n_____\n\nDate Reported: 12/9/00\nVulnerability: foolproof-security-bypass\nPlatforms Affected: FoolProof\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: FoolProof Security restriction bypass using FTP\nX-Force URL: http://xforce.iss.net/static/5758.php\n\n_____\n\nDate Reported: 12/8/00\nVulnerability: broadvision-bv1to1-reveal-path\nPlatforms Affected: BroadVision One-To-One Enterprise Server\nRisk Factor: Low\nAttack Type: Network Based\nBrief Description: BroadVision One-To-One Enterprise Server reveals\npath to server\nX-Force URL: http://xforce.iss.net/static/5661.php\n\n_____\n\nDate Reported: 12/8/00\nVulnerability: ssldump-format-strings\nPlatforms Affected: ssldump\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: ssldump format string could allow arbitrary\nexecution of code\nX-Force URL: http://xforce.iss.net/static/5717.php\n\n_____\n\nDate Reported: 12/8/00\nVulnerability: coldfusion-sample-dos\nPlatforms Affected: ColdFusion\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: ColdFusion sample script denial of service\nX-Force URL: http://xforce.iss.net/static/5755.php\n\n_____\n\nDate Reported: 12/8/00\nVulnerability: kerberos4-arbitrary-proxy\nPlatforms Affected: Kerberos 4\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: KTH Kerberos 4 arbitrary proxy enviornment\nvariable\nX-Force URL: http://xforce.iss.net/static/5733.php\n\n_____\n\nDate Reported: 12/8/00\nVulnerability: kerberos4-auth-packet-overflow\nPlatforms Affected: Kerberos 4\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: KTH Kerberos 4 authentication packet buffer\noverflow\nX-Force URL: http://xforce.iss.net/static/5734.php\n\n_____\n\nDate Reported: 12/8/00\nVulnerability: kerberos4-user-config\nPlatforms Affected: Kerberos 4\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: KTH Kerberos 4 user supplied configuration files\nX-Force URL: http://xforce.iss.net/static/5738.php\n\n_____\n\nDate Reported: 12/8/00\nVulnerability: kerberos4-tmpfile-dos\nPlatforms Affected: Kerberos 4\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: KTH Kerberos 4 race condition\nX-Force URL: http://xforce.iss.net/static/5754.php\n\n_____\n\nDate Reported: 12/7/00\nVulnerability: homeseer-directory-traversal\nPlatforms Affected: HomeSeer\nRisk Factor: Low\nAttack Type: Network Based\nBrief Description: HomeSeer allows directory traversal\nX-Force URL: http://xforce.iss.net/static/5663.php\n\n_____\n\nDate Reported: 12/7/00\nVulnerability: offline-explorer-reveal-files\nPlatforms Affected: MetaProducts Offline Explorer\nRisk Factor: Low\nAttack Type: Network/Host Based\nBrief Description: MetaProducts Offline Explorer can reveal file\nsystem\nX-Force URL: http://xforce.iss.net/static/5728.php\n\n_____\n\nDate Reported: 12/7/00\nVulnerability: imail-smtp-auth-dos\nPlatforms Affected: IMail\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: IMail SMTP auth denial of service\nX-Force URL: http://xforce.iss.net/static/5674.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: apc-apcupsd-dos\nPlatforms Affected: APC apcupsd\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: APC apcupsd denial of service\nX-Force URL: http://xforce.iss.net/static/5654.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: cisco-catalyst-telnet-dos\nPlatforms Affected: Cisco Catalyst\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: Cisco Catalyst telnet server memory leak denial of\nservice\nX-Force URL: http://xforce.iss.net/static/5656.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: apache-php-disclose-files\nPlatforms Affected: Apache Web server\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: Apache Web server discloses files when used with\nphp script\nX-Force URL: http://xforce.iss.net/static/5659.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: ultraseek-reveal-path\nPlatforms Affected: Ultraseek\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: Ultraseek Server can reveal the path and source\ncode to certain files\nX-Force URL: http://xforce.iss.net/static/5660.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: irc-dreamforge-dns-dos\nPlatforms Affected: DreamForge IRCd\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: DreamForge IRCd DNS denial of service\nX-Force URL: http://xforce.iss.net/static/5721.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: mailman-alternate-templates\nPlatforms Affected: MailMan\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: MailMan Alternate Templates form variable allows\nremote attacker to execute commands\nX-Force URL: http://xforce.iss.net/static/5649.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: phpgroupware-include-files\nPlatforms Affected:\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: phpGroupWare include files allows remote attacker\nto execute commands\nX-Force URL: http://xforce.iss.net/static/5650.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: markvision-printer-driver-bo\nPlatforms Affected: Lexmark MarkVision\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Lexmark MarkVision printer drivers for Unix buffer\noverflows\nX-Force URL: http://xforce.iss.net/static/5651.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: nt-ras-reg-perms\nPlatforms Affected: Windows NT\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: Windows NT RAS registry permissions\nX-Force URL: http://xforce.iss.net/static/5671.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: nt-snmp-reg-perms\nPlatforms Affected: Windows NT\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: Windows NT SNMP registry permissions\nX-Force URL: http://xforce.iss.net/static/5672.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: nt-mts-reg-perms\nPlatforms Affected: Windows NT\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: Windows NT MTS registry permissions\nX-Force URL: http://xforce.iss.net/static/5673.php\n\n_____\n\nDate Reported: 12/6/00\nVulnerability: irc-bitchx-dns-bo\nPlatforms Affected: BitchX\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: BitchX IRC DNS buffer overflow\nX-Force URL: http://xforce.iss.net/static/5701.php\n\n_____\n\nDate Reported: 12/5/00\nVulnerability: ibm-db2-gain-access\nPlatforms Affected: IBM DB2\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: IBM DB2 Universal Database can give access through\ndefault username and password\nX-Force URL: http://xforce.iss.net/static/5662.php\n\n_____\n\nDate Reported: 12/5/00\nVulnerability: ibm-db2-dos\nPlatforms Affected: IBM DB2\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: IBM DB2 Universal Database denial of service\nX-Force URL: http://xforce.iss.net/static/5664.php\n\n_____\n\nDate Reported: 12/5/00\nVulnerability: vsu-source-routing\nPlatforms Affected: VSU\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: VPNet VSU gateways contain source routing\nX-Force URL: http://xforce.iss.net/static/5667.php\n\n_____\n\nDate Reported: 12/5/00\nVulnerability: vsu-ip-bridging\nPlatforms Affected: VSU\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: VPNet VSU gateways contain bridging code\nX-Force URL: http://xforce.iss.net/static/5670.php\n\n_____\n\nDate Reported: 12/5/00\nVulnerability: ftp-servu-homedir-travers\nPlatforms Affected: Serv-U FTP\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: FTP Serv-U home directory traversal could allow\naccess to FTProot\nX-Force URL: http://xforce.iss.net/static/5639.php\n\n_____\n\nDate Reported: 12/4/00\nVulnerability: cisco-cbos-web-access\nPlatforms Affected: CISCO CBOS\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: Cisco CBOS Web access enabled denial of service\nX-Force URL: http://xforce.iss.net/static/5626.php\n\n_____\n\nDate Reported: 12/4/00\nVulnerability: watchguard-soho-get-dos\nPlatforms Affected: WatchGuard SOHO\nRisk Factor: Medium\nAttack Type: Network Based\nBrief Description: WatchGuard SOHO Firewall multiple GET requests\ndenial of service\nX-Force URL: http://xforce.iss.net/static/5665.php\n\n_____\n\nDate Reported: 12/4/00\nVulnerability: phone-book-service-bo\nPlatforms Affected: Windows 2000\n Windows NT\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: Windows NT and 2000 Phone Book service buffer\noverflow\nX-Force URL: http://xforce.iss.net/static/5623.php\n\n_____\n\nDate Reported: 12/4/00\nVulnerability: cisco-cbos-syn-packets\nPlatforms Affected: CISCO CBOS\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: Cisco CBOS SYN packets denial of service\nX-Force URL: http://xforce.iss.net/static/5627.php\n\n_____\n\nDate Reported: 12/4/00\nVulnerability: cisco-cbos-invalid-login\nPlatforms Affected: CISCO CBOS\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: Cisco CBOS does not log invalid logins\nX-Force URL: http://xforce.iss.net/static/5628.php\n\n_____\n\nDate Reported: 12/4/00\nVulnerability: cisco-cbos-icmp-echo\nPlatforms Affected: CISCO CBOS\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: Cisco CBOS large ICMP ECHO packet denial of\nservice\nX-Force URL: http://xforce.iss.net/static/5629.php\n\n_____\n\nDate Reported: 12/2/00\nVulnerability: phpweblog-bypass-authentication\nPlatforms Affected: phpWebLog\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: phpWebLog allows users to bypass authentication\nX-Force URL: http://xforce.iss.net/static/5625.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: linux-diskcheck-race-symlink\nPlatforms Affected: Linux\nRisk Factor: Low\nAttack Type: Host Based\nBrief Description: Linux diskcheck race condition could allow a tmp\nfile symbolic link attack\nX-Force URL: http://xforce.iss.net/static/5624.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: ie-form-file-upload\nPlatforms Affected: Microsoft Internet Explorer\nRisk Factor: Medium\nAttack Type: Network/Host Based\nBrief Description: Internet Explorer file upload form\nX-Force URL: http://xforce.iss.net/static/5615.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: mssql-xp-paraminfo-bo\nPlatforms Affected:\nRisk Factor: Medium\nAttack Type: Host Based\nBrief Description: Microsoft SQL XP srv_paraminfo() buffer overflow\nX-Force URL: http://xforce.iss.net/static/5622.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: majordomo-auth-execute-commands\nPlatforms Affected: Majordomo\nRisk Factor: High\nAttack Type: Network Based\nBrief Description: Majordomo allows administrative access without\npassword\nX-Force URL: http://xforce.iss.net/static/5611.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: ie-print-template\nPlatforms Affected: Microsoft Internet Explorer\nRisk Factor: High\nAttack Type: Network/Host Based\nBrief Description: Internet Explorer print template\nX-Force URL: http://xforce.iss.net/static/5614.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: aix-piobe-bo\nPlatforms Affected: AIX\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: AIX piobe buffer overflow\nX-Force URL: http://xforce.iss.net/static/5616.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: aix-pioout-bo\nPlatforms Affected: AIX\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: AIX pioout buffer overflow\nX-Force URL: http://xforce.iss.net/static/5617.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: aix-setclock-bo\nPlatforms Affected: AIX\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: AIX setclock buffer overflow\nX-Force URL: http://xforce.iss.net/static/5618.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: aix-enq-bo\nPlatforms Affected: AIX\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: AIX enq buffer overflow\nX-Force URL: http://xforce.iss.net/static/5619.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: aix-digest-bo\nPlatforms Affected: AIX\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: AIX digest buffer overflow\nX-Force URL: http://xforce.iss.net/static/5620.php\n\n_____\n\nDate Reported: 12/1/00\nVulnerability: aix-setsenv-bo\nPlatforms Affected: AIX\nRisk Factor: High\nAttack Type: Host Based\nBrief Description: AIX setsenv buffer overflow\nX-Force URL: http://xforce.iss.net/static/5621.php\n\n\n\nRisk Factor Key:\n\n High Any vulnerability that provides an attacker with immediate\n access into a machine, gains superuser access, or bypasses\n a firewall. Example: A vulnerable Sendmail 8.6.5 version\n that allows an intruder to execute commands on mail\n server. \n Medium Any vulnerability that provides information that has a\n high potential of giving system access to an intruder. \n Example: A misconfigured TFTP or vulnerable NIS server\n that allows an intruder to get the password file that\n could contain an account with a guessable password. \n Low Any vulnerability that provides information that\n potentially could lead to a compromise. Example: A\n finger that allows an intruder to find out who is online\n and potential accounts to attempt to crack passwords\n via brute force methods. \n\n\n_____\n\nAdditional Information\n\nThis document is available at http://xforce.iss.net/alerts/advisennn.php. \nTo receive these Alerts and Advisories:\n- - Subscribe to the Alert mailing list from\nhttp://xforce.iss.net/maillists/index.php\n- - Or send an email to majordomo@iss.net, and within the body of the\nmessage type: \n\u0027subscribe alert\u0027 (without the quotes). \n\n\nAbout Internet Security Systems (ISS)\nInternet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading\nglobal provider of security management solutions for the Internet. \nBy combining best of breed products, security management services, \naggressive research and development, and comprehensive educational \nand consulting services, ISS is the trusted security advisor for \nthousands of organizations around the world looking to protect their \nmission critical information and networks. \n\nCopyright (c) 2001 by Internet Security Systems, Inc. \n\nPermission is hereby granted for the redistribution of this Alert\nelectronically. It is not to be edited in any way without express consent\nof the X-Force. If you wish to reprint the whole or any part of this\nAlert in any other medium excluding electronic medium, please e-mail\nxforce@iss.net for permission. \n\nDisclaimer\n\nThe information within this paper may change without notice. Use of this\ninformation constitutes acceptance for use in an AS IS condition. There\nare NO warranties with regard to this information. In no event shall the\nauthor be liable for any damages whatsoever arising out of or in\nconnection with the use or spread of this information. Any use of this\ninformation is at the user\u0027s own risk. \n\n\n\n\nX-Force PGP Key available at: http://xforce.iss.net/sensitive.php as \nwell as on MIT\u0027s PGP key server and PGP.com\u0027s key server. \n\nPlease send suggestions, updates, and comments to: X-Force xforce@iss.net\nof Internet Security Systems, Inc. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: 2.6.3a\nCharset: noconv\n\niQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0\nLLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL\nr21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw\njbM10AXVSHw=\n=5U+8\n-----END PGP SIGNATURE-----\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0039"
},
{
"db": "CERT/CC",
"id": "VU#610904"
},
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "PACKETSTORM",
"id": "24096"
}
],
"trust": 4.68
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2001-0039",
"trust": 1.7
},
{
"db": "BID",
"id": "2083",
"trust": 1.7
},
{
"db": "XF",
"id": "5804",
"trust": 0.9
},
{
"db": "XF",
"id": "5618",
"trust": 0.9
},
{
"db": "XF",
"id": "5620",
"trust": 0.9
},
{
"db": "XF",
"id": "5619",
"trust": 0.9
},
{
"db": "XF",
"id": "5621",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#610904",
"trust": 0.8
},
{
"db": "BID",
"id": "2035",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#739201",
"trust": 0.8
},
{
"db": "BID",
"id": "2033",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#808633",
"trust": 0.8
},
{
"db": "BID",
"id": "2034",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#872257",
"trust": 0.8
},
{
"db": "BID",
"id": "2032",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#886953",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106",
"trust": 0.7
},
{
"db": "XF",
"id": "5674",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20001206 DOS BY SMTP AUTH COMMAND IN IPSWITCH IMAIL SERVER",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2861",
"trust": 0.1
},
{
"db": "XF",
"id": "5629",
"trust": 0.1
},
{
"db": "XF",
"id": "5825",
"trust": 0.1
},
{
"db": "XF",
"id": "5626",
"trust": 0.1
},
{
"db": "XF",
"id": "5776",
"trust": 0.1
},
{
"db": "XF",
"id": "5616",
"trust": 0.1
},
{
"db": "XF",
"id": "5797",
"trust": 0.1
},
{
"db": "XF",
"id": "5740",
"trust": 0.1
},
{
"db": "XF",
"id": "5831",
"trust": 0.1
},
{
"db": "XF",
"id": "5827",
"trust": 0.1
},
{
"db": "XF",
"id": "5823",
"trust": 0.1
},
{
"db": "XF",
"id": "5758",
"trust": 0.1
},
{
"db": "XF",
"id": "5777",
"trust": 0.1
},
{
"db": "XF",
"id": "5664",
"trust": 0.1
},
{
"db": "XF",
"id": "5611",
"trust": 0.1
},
{
"db": "XF",
"id": "5650",
"trust": 0.1
},
{
"db": "XF",
"id": "5818",
"trust": 0.1
},
{
"db": "XF",
"id": "5738",
"trust": 0.1
},
{
"db": "XF",
"id": "5662",
"trust": 0.1
},
{
"db": "XF",
"id": "5732",
"trust": 0.1
},
{
"db": "XF",
"id": "5739",
"trust": 0.1
},
{
"db": "XF",
"id": "5785",
"trust": 0.1
},
{
"db": "XF",
"id": "5787",
"trust": 0.1
},
{
"db": "XF",
"id": "5734",
"trust": 0.1
},
{
"db": "XF",
"id": "5743",
"trust": 0.1
},
{
"db": "XF",
"id": "5821",
"trust": 0.1
},
{
"db": "XF",
"id": "5639",
"trust": 0.1
},
{
"db": "XF",
"id": "5622",
"trust": 0.1
},
{
"db": "XF",
"id": "5796",
"trust": 0.1
},
{
"db": "XF",
"id": "5829",
"trust": 0.1
},
{
"db": "XF",
"id": "5755",
"trust": 0.1
},
{
"db": "XF",
"id": "5625",
"trust": 0.1
},
{
"db": "XF",
"id": "5833",
"trust": 0.1
},
{
"db": "XF",
"id": "5778",
"trust": 0.1
},
{
"db": "XF",
"id": "5773",
"trust": 0.1
},
{
"db": "XF",
"id": "5717",
"trust": 0.1
},
{
"db": "XF",
"id": "5617",
"trust": 0.1
},
{
"db": "XF",
"id": "5728",
"trust": 0.1
},
{
"db": "XF",
"id": "5736",
"trust": 0.1
},
{
"db": "XF",
"id": "5753",
"trust": 0.1
},
{
"db": "XF",
"id": "5627",
"trust": 0.1
},
{
"db": "XF",
"id": "5651",
"trust": 0.1
},
{
"db": "XF",
"id": "5815",
"trust": 0.1
},
{
"db": "XF",
"id": "5822",
"trust": 0.1
},
{
"db": "XF",
"id": "5744",
"trust": 0.1
},
{
"db": "XF",
"id": "5834",
"trust": 0.1
},
{
"db": "XF",
"id": "5554",
"trust": 0.1
},
{
"db": "XF",
"id": "5789",
"trust": 0.1
},
{
"db": "XF",
"id": "5615",
"trust": 0.1
},
{
"db": "XF",
"id": "5742",
"trust": 0.1
},
{
"db": "XF",
"id": "5741",
"trust": 0.1
},
{
"db": "XF",
"id": "5824",
"trust": 0.1
},
{
"db": "XF",
"id": "5793",
"trust": 0.1
},
{
"db": "XF",
"id": "5614",
"trust": 0.1
},
{
"db": "XF",
"id": "5763",
"trust": 0.1
},
{
"db": "XF",
"id": "5723",
"trust": 0.1
},
{
"db": "XF",
"id": "5654",
"trust": 0.1
},
{
"db": "XF",
"id": "5826",
"trust": 0.1
},
{
"db": "XF",
"id": "5782",
"trust": 0.1
},
{
"db": "XF",
"id": "5663",
"trust": 0.1
},
{
"db": "XF",
"id": "5628",
"trust": 0.1
},
{
"db": "XF",
"id": "5805",
"trust": 0.1
},
{
"db": "XF",
"id": "5798",
"trust": 0.1
},
{
"db": "XF",
"id": "5762",
"trust": 0.1
},
{
"db": "XF",
"id": "5721",
"trust": 0.1
},
{
"db": "XF",
"id": "5784",
"trust": 0.1
},
{
"db": "XF",
"id": "5671",
"trust": 0.1
},
{
"db": "XF",
"id": "5623",
"trust": 0.1
},
{
"db": "XF",
"id": "5725",
"trust": 0.1
},
{
"db": "XF",
"id": "5809",
"trust": 0.1
},
{
"db": "XF",
"id": "5795",
"trust": 0.1
},
{
"db": "XF",
"id": "5673",
"trust": 0.1
},
{
"db": "XF",
"id": "5801",
"trust": 0.1
},
{
"db": "XF",
"id": "5729",
"trust": 0.1
},
{
"db": "XF",
"id": "5830",
"trust": 0.1
},
{
"db": "XF",
"id": "5817",
"trust": 0.1
},
{
"db": "XF",
"id": "5701",
"trust": 0.1
},
{
"db": "XF",
"id": "5788",
"trust": 0.1
},
{
"db": "XF",
"id": "5808",
"trust": 0.1
},
{
"db": "XF",
"id": "5735",
"trust": 0.1
},
{
"db": "XF",
"id": "5819",
"trust": 0.1
},
{
"db": "XF",
"id": "5754",
"trust": 0.1
},
{
"db": "XF",
"id": "5649",
"trust": 0.1
},
{
"db": "XF",
"id": "5807",
"trust": 0.1
},
{
"db": "XF",
"id": "5660",
"trust": 0.1
},
{
"db": "XF",
"id": "5661",
"trust": 0.1
},
{
"db": "XF",
"id": "5746",
"trust": 0.1
},
{
"db": "XF",
"id": "5624",
"trust": 0.1
},
{
"db": "XF",
"id": "5775",
"trust": 0.1
},
{
"db": "XF",
"id": "5761",
"trust": 0.1
},
{
"db": "XF",
"id": "5733",
"trust": 0.1
},
{
"db": "XF",
"id": "5727",
"trust": 0.1
},
{
"db": "XF",
"id": "5813",
"trust": 0.1
},
{
"db": "XF",
"id": "5656",
"trust": 0.1
},
{
"db": "XF",
"id": "5799",
"trust": 0.1
},
{
"db": "XF",
"id": "5665",
"trust": 0.1
},
{
"db": "XF",
"id": "5737",
"trust": 0.1
},
{
"db": "XF",
"id": "5659",
"trust": 0.1
},
{
"db": "XF",
"id": "5667",
"trust": 0.1
},
{
"db": "XF",
"id": "5672",
"trust": 0.1
},
{
"db": "XF",
"id": "5749",
"trust": 0.1
},
{
"db": "XF",
"id": "5803",
"trust": 0.1
},
{
"db": "XF",
"id": "5811",
"trust": 0.1
},
{
"db": "XF",
"id": "5786",
"trust": 0.1
},
{
"db": "XF",
"id": "5802",
"trust": 0.1
},
{
"db": "XF",
"id": "5760",
"trust": 0.1
},
{
"db": "XF",
"id": "5800",
"trust": 0.1
},
{
"db": "XF",
"id": "5670",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "24096",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#610904"
},
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "PACKETSTORM",
"id": "24096"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"id": "VAR-200102-0075",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2861"
}
],
"trust": 0.01
},
"last_update_date": "2026-03-09T21:17:41.635000Z",
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/2083"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0071.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da139925+stiy08143+usbin"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy08143"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da137627+stiy08287+usbin"
},
{
"trust": 1.6,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy08287"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5674"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/5804.php"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/5618.php"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/5620.php"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/5619.php"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/static/5621.php"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026mid=152620"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2035"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da139817+stiy07831+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy07831"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da137621+stiy07790+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy07790"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2033"
},
{
"trust": 0.8,
"url": "http://www.rs6000.ibm.com/idd500/usr/share/man/info/en_us/a_doc_lib/cmds/aixcmds2/digest.htm#a26p05a6"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2034"
},
{
"trust": 0.8,
"url": "http://www.rs6000.ibm.com/idd500/usr/share/man/info/en_us/a_doc_lib/cmds/aixcmds2/enq.htm#a200977f"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2032"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da114623+stiy10721+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy10721"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da123587+stiy08812+usbin"
},
{
"trust": 0.8,
"url": "http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4\u0026srchtype=apar\u0026query=iy08812"
},
{
"trust": 0.8,
"url": "http://www.rs6000.ibm.com/doc_link/en_us/a_doc_lib/cmds/aixcmds5/setsenv.htm#wpg2f0frit"
},
{
"trust": 0.7,
"url": "http://xforce.iss.net/static/5674.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5742.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5775.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5795.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5701.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5813.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5639.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5762.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5830.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5754.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net)."
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5778.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5624.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5739.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5802.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5650.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5651.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5793.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5788.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5717.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5800.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5773.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5822.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5728.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5789.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5815.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5625.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5662.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5760.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5663.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5721.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5626.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5805.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5799.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5827.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5777.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5649.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5819.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5786.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5744.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5808.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5797.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5738.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5664.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5628.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5809.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5622.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5732.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5740.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5670.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5776.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5784.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5803.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5659.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5671.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5734.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5611.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5785.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5616.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5672.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5743.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5614.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5763.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/alerts/vol-06_num-02.php."
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5627.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5617.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5727.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5824.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5818.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5660.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5796.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5615.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5725.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5833.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5787.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5761.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5811.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5729.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5629.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5723.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5829.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5749.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5801.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5755.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5821.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5656.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5834.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5736.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5623.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5735.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5673.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5825.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5753.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5798.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5667.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/maillists/index.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5654.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5817.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/alerts/advisennn.php."
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5823.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5826.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/sensitive.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5554.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5831.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5665.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5741.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5733.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5782.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5807.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5758.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5661.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5737.php"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/static/5746.php"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#610904"
},
{
"db": "CERT/CC",
"id": "VU#739201"
},
{
"db": "CERT/CC",
"id": "VU#808633"
},
{
"db": "CERT/CC",
"id": "VU#872257"
},
{
"db": "CERT/CC",
"id": "VU#886953"
},
{
"db": "VULHUB",
"id": "VHN-2861"
},
{
"db": "PACKETSTORM",
"id": "24096"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
},
{
"db": "NVD",
"id": "CVE-2001-0039"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#610904",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#739201",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#808633",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#872257",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#886953",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-2861",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "24096",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2001-0039",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2001-07-09T00:00:00",
"db": "CERT/CC",
"id": "VU#610904",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#739201",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#808633",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#872257",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#886953",
"ident": null
},
{
"date": "2001-02-16T00:00:00",
"db": "VULHUB",
"id": "VHN-2861",
"ident": null
},
{
"date": "2001-01-22T23:24:05",
"db": "PACKETSTORM",
"id": "24096",
"ident": null
},
{
"date": "2001-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-106",
"ident": null
},
{
"date": "2001-02-16T05:00:00",
"db": "NVD",
"id": "CVE-2001-0039",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2001-07-09T00:00:00",
"db": "CERT/CC",
"id": "VU#610904",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#739201",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#808633",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#872257",
"ident": null
},
{
"date": "2001-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#886953",
"ident": null
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-2861",
"ident": null
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-106",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-0039",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "24096"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "Oracle Internet Directory LDAP Daemon does not check write permissions properly",
"sources": [
{
"db": "CERT/CC",
"id": "VU#610904"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200102-106"
}
],
"trust": 0.6
}
}
VAR-201103-0090
Vulnerability from variot - Updated: 2025-04-11 21:38The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. This vulnerability is related to plain text command injection attacks. An attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. The following vendors are affected: Ipswitch Kerio Postfix Qmail-TLS Oracle (note that the affected application is unknown) SCO Group spamdyke ISC. Ipswitch IMail Server is an American Ipswitch company's mail server running on the Microsoft Windows operating system.
SOLUTION: Restrict access to trusted hosts only.
PROVIDED AND/OR DISCOVERED BY: Wietse Venema via US-CERT. ----------------------------------------------------------------------
Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies.
SOLUTION: Apply fixes. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: Kerio Connect "STARTTLS" Plaintext Injection Vulnerability
SECUNIA ADVISORY ID: SA43678
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43678/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43678
RELEASE DATE: 2011-03-12
DISCUSS ADVISORY: http://secunia.com/advisories/43678/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43678/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43678
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Kerio Connect, which can be exploited by malicious people to manipulate certain data.
The vulnerability is caused due to the TLS implementation not properly clearing transport layer buffers when upgrading from plaintext to ciphertext after receiving the "STARTTLS" command. This can be exploited to insert arbitrary plaintext data (e.g. SMTP commands) during the plaintext phase, which will then be executed after upgrading to the TLS ciphertext phase.
The vulnerability is reported in version 7.1.4 build 2985. Other versions may also be affected.
SOLUTION: Reportedly, the vendor will fix this in an upcoming version.
PROVIDED AND/OR DISCOVERED BY: Wietse Venema
ORIGINAL ADVISORY: US-CERT VU#555316: http://www.kb.cert.org/vuls/id/555316 http://www.kb.cert.org/vuls/id/MAPG-8D9M4P
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0090",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "lte",
"trust": 1.8,
"vendor": "ipswitch",
"version": "11.03"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.01"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.11"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.13"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "11.02"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "6.00"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "11"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "6.06"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "*"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "8.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "server_8.2_hotfix_2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "10.01"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "10"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "10.02"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.0,
"vendor": "ipswitch",
"version": "11.01"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyrus imap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "kerio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postfix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qmail tls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.1"
},
{
"model": "spamdyke",
"scope": "ne",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.4"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "groupware server 2.2-rc3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.9"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.5"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.3"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "pure-ftpd",
"scope": "ne",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.30"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.3"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20011115"
},
{
"model": "groupware server -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.3"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7.01"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.2.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.5"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20110"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.2"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.22"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.23"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "pure-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "pureftpd",
"version": "1.0.29"
},
{
"model": "groupware server 2.1.beta3",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.3"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.3"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "groupware server",
"scope": "ne",
"trust": 0.3,
"vendor": "kolab",
"version": "2.3.2"
},
{
"model": "inn",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.4.8"
},
{
"model": "spamdyke",
"scope": "eq",
"trust": 0.3,
"vendor": "spamdyke",
"version": "4.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "mailserver patch",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.1.31"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.4"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.13"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19991231"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "imap server",
"scope": "ne",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.7"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "connect build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.1.42985"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux enterprise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.4.2"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.1"
},
{
"model": "groupware server 2.1beta2",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6-20080902"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "scooffice server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "0"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.9"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.20"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.2"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.1.3"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.12"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.4"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.1.11"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.1"
},
{
"model": "netqmail",
"scope": "eq",
"trust": 0.3,
"vendor": "qmail smtpd auth",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.4.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "1.0.21"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2.4"
},
{
"model": "java system messaging server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "groupware server 2.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "kolab",
"version": null
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.10"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.8"
},
{
"model": "groupware server beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "inn",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "2.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.6"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "20010228"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.6.4"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.1.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "imail hotfix",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.151"
},
{
"model": "imap server",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus",
"version": "2.4.6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.0.2"
},
{
"model": "starttls",
"scope": "eq",
"trust": 0.3,
"vendor": "ietf",
"version": "0"
},
{
"model": "mailserver build",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "6.6.17069"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "groupware server beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.2"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.5"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "venema postfix patchlevel",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.5.44"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.4"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.4"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "2.2.10"
},
{
"model": "venema postfix",
"scope": "eq",
"trust": 0.3,
"vendor": "wietse",
"version": "19990906"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mailserver",
"scope": "eq",
"trust": 0.3,
"vendor": "kerio",
"version": "5.7.6"
},
{
"model": "xcs",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
}
],
"trust": 0.4
},
"cve": "CVE-2011-1430",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1430",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-49375",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-1430",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#555316",
"trust": 0.8,
"value": "1.39"
},
{
"author": "NVD",
"id": "CVE-2011-1430",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201103-223",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-49375",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411. Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. This vulnerability is related to plain text command injection attacks. \nAn attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. \nThe following vendors are affected:\nIpswitch\nKerio\nPostfix\nQmail-TLS\nOracle (note that the affected application is unknown)\nSCO Group\nspamdyke\nISC. Ipswitch IMail Server is an American Ipswitch company\u0027s mail server running on the Microsoft Windows operating system. \n\nSOLUTION:\nRestrict access to trusted hosts only. \n\nPROVIDED AND/OR DISCOVERED BY:\nWietse Venema via US-CERT. ----------------------------------------------------------------------\n\n\nAlerts when vulnerabilities pose a threat to your infrastructure\nThe enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. \n\nSOLUTION:\nApply fixes. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nKerio Connect \"STARTTLS\" Plaintext Injection Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43678\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43678/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43678\n\nRELEASE DATE:\n2011-03-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43678/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43678/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43678\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Kerio Connect, which can be\nexploited by malicious people to manipulate certain data. \n\nThe vulnerability is caused due to the TLS implementation not\nproperly clearing transport layer buffers when upgrading from\nplaintext to ciphertext after receiving the \"STARTTLS\" command. This\ncan be exploited to insert arbitrary plaintext data (e.g. SMTP\ncommands) during the plaintext phase, which will then be executed\nafter upgrading to the TLS ciphertext phase. \n\nThe vulnerability is reported in version 7.1.4 build 2985. Other\nversions may also be affected. \n\nSOLUTION:\nReportedly, the vendor will fix this in an upcoming version. \n\nPROVIDED AND/OR DISCOVERED BY:\nWietse Venema\n\nORIGINAL ADVISORY:\nUS-CERT VU#555316:\nhttp://www.kb.cert.org/vuls/id/555316\nhttp://www.kb.cert.org/vuls/id/MAPG-8D9M4P\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1430"
},
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#555316",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2011-1430",
"trust": 2.8
},
{
"db": "BID",
"id": "46767",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43676",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0609",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "71020",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223",
"trust": 0.7
},
{
"db": "XF",
"id": "65932",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "45857",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "44753",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "43678",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-49375",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "104917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101909",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99104",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99217",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"id": "VAR-201103-0090",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-49375"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T21:38:49.359000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ipswitch.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.kb.cert.org/vuls/id/555316"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/mapg-8dbrd4"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/46767"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/71020"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43676"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2011/0609"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2595"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3207"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4642"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=674814"
},
{
"trust": 0.8,
"url": "http://www.watchguard.com/archive/softwarecenter.asp"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1430"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1430"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/65932"
},
{
"trust": 0.4,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m4p"
},
{
"trust": 0.4,
"url": "http://www.watchguard.com/support/release-notes/xcs/9/en-us/en_releasenotes_xcs_9_1_1/en_releasenotes_wg_xcs_9_1_tls_hotfix.pdf"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://kolab.org/pipermail/kolab-announce/2011/000101.html"
},
{
"trust": 0.3,
"url": "http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424"
},
{
"trust": 0.3,
"url": "http://cyrusimap.org/mediawiki/index.php/bugs_resolved_in_2.4.7"
},
{
"trust": 0.3,
"url": "https://www.isc.org/software/inn/2.5.3article"
},
{
"trust": 0.3,
"url": "http://files.kolab.org/server/release/kolab-server-2.3.2/sources/release-notes.txt"
},
{
"trust": 0.3,
"url": "http://www.postfix.org/cve-2011-0411.html"
},
{
"trust": 0.3,
"url": "http://www.pureftpd.org/project/pure-ftpd/news"
},
{
"trust": 0.3,
"url": "http://www.spamdyke.org/documentation/changelog.txt"
},
{
"trust": 0.3,
"url": "http://datatracker.ietf.org/doc/draft-josefsson-kerberos5-starttls/?include_text=1"
},
{
"trust": 0.3,
"url": "/archive/1/516901"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100134676"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100141041"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=850478"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
},
{
"trust": 0.3,
"url": "http://inoa.net/qmail-tls/vu555316.patch"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45857/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45857"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45857/#comments"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m6a"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44753/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/mapg-8d9m75"
},
{
"trust": 0.1,
"url": "http://www.youtube.com/user/secunia#p/a/u/0/m1y9sjqr2sy"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44753"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44753/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43676/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43676/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43676"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43678/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43678/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43678"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#555316"
},
{
"db": "VULHUB",
"id": "VHN-49375"
},
{
"db": "BID",
"id": "46767"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"db": "PACKETSTORM",
"id": "104917"
},
{
"db": "PACKETSTORM",
"id": "101909"
},
{
"db": "PACKETSTORM",
"id": "99104"
},
{
"db": "PACKETSTORM",
"id": "99217"
},
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#555316"
},
{
"date": "2011-03-16T00:00:00",
"db": "VULHUB",
"id": "VHN-49375"
},
{
"date": "2011-03-07T00:00:00",
"db": "BID",
"id": "46767"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"date": "2011-09-08T08:14:47",
"db": "PACKETSTORM",
"id": "104917"
},
{
"date": "2011-06-01T04:21:33",
"db": "PACKETSTORM",
"id": "101909"
},
{
"date": "2011-03-09T06:30:49",
"db": "PACKETSTORM",
"id": "99104"
},
{
"date": "2011-03-14T11:35:55",
"db": "PACKETSTORM",
"id": "99217"
},
{
"date": "2011-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"date": "2011-03-16T22:55:04.747000",
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-08T00:00:00",
"db": "CERT/CC",
"id": "VU#555316"
},
{
"date": "2017-08-17T00:00:00",
"db": "VULHUB",
"id": "VHN-49375"
},
{
"date": "2015-04-13T21:35:00",
"db": "BID",
"id": "46767"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004393"
},
{
"date": "2011-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201103-223"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-1430"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "STARTTLS plaintext command injection vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#555316"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201103-223"
}
],
"trust": 0.6
}
}
VAR-200703-0303
Vulnerability from variot - Updated: 2025-04-10 23:21Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control. A buffer overflow vulnerability exists in the IMAILAPILib ActiveX control (IMailAPI.dll) of Ipswitch IMail Server versions prior to 2006.2.
Want a new job? http://secunia.com/secunia_vacancies/
Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/
TITLE: Ipswitch IMail Server/Collaboration Suite Multiple Buffer Overflows
SECUNIA ADVISORY ID: SA24422
VERIFY ADVISORY: http://secunia.com/advisories/24422/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Ipswitch Collaboration Suite 2006 http://secunia.com/product/8652/ IMail Server 2006 http://secunia.com/product/8653/
DESCRIPTION: Some vulnerabilities have been reported in Ipswitch IMail Server/Collaboration Suite, which potentially can be exploited by malicious people to compromise a vulnerable system.
1) Unspecified errors within the IMailServer.WebConnect, IMailLDAPService.Sync3, IMailLDAPService.Init3, IMailServer.Connect, and IMailUserCollection.SetReplyTo components can be exploited to cause buffer overflows via specially crafted packets.
2) An error within an unspecified ActiveX control can be exploited to execute arbitrary code when a user e.g. visits a malicious web site.
SOLUTION: Update to version 2006.2 (Standard Edition only): ftp://ftp.ipswitch.com/Ipswitch/Product_Downloads/ICS_Standard.exe
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Ipswitch: http://www.ipswitch.com/support/ics/updates/ics20062.asp http://support.ipswitch.com/kb/IM-20070305-JH01.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200703-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail premium",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail plus",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "collaboration suite",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006_standard"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail",
"scope": "lt",
"trust": 0.8,
"vendor": "ipswitch",
"version": "server"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "54869"
}
],
"trust": 0.1
},
"cve": "CVE-2007-1637",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-1637",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-24999",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-1637",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-1637",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200703-591",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-24999",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control. A buffer overflow vulnerability exists in the IMAILAPILib ActiveX control (IMailAPI.dll) of Ipswitch IMail Server versions prior to 2006.2. \n\n----------------------------------------------------------------------\n\nWant a new job?\nhttp://secunia.com/secunia_vacancies/\n\nSecunia is looking for new researchers with a reversing background\nand experience in writing exploit code:\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\nhttp://secunia.com/Disassembling_og_Reversing/\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch IMail Server/Collaboration Suite Multiple Buffer Overflows\n\nSECUNIA ADVISORY ID:\nSA24422\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24422/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIpswitch Collaboration Suite 2006\nhttp://secunia.com/product/8652/\nIMail Server 2006\nhttp://secunia.com/product/8653/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Ipswitch IMail\nServer/Collaboration Suite, which potentially can be exploited by\nmalicious people to compromise a vulnerable system. \n\n1) Unspecified errors within the IMailServer.WebConnect,\nIMailLDAPService.Sync3, IMailLDAPService.Init3, IMailServer.Connect,\nand IMailUserCollection.SetReplyTo components can be exploited to\ncause buffer overflows via specially crafted packets. \n\n2) An error within an unspecified ActiveX control can be exploited to\nexecute arbitrary code when a user e.g. visits a malicious web site. \n\nSOLUTION:\nUpdate to version 2006.2 (Standard Edition only):\nftp://ftp.ipswitch.com/Ipswitch/Product_Downloads/ICS_Standard.exe\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nIpswitch:\nhttp://www.ipswitch.com/support/ics/updates/ics20062.asp\nhttp://support.ipswitch.com/kb/IM-20070305-JH01.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1637"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "PACKETSTORM",
"id": "54869"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-1637",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "24422",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1017737",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0853",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20070307 IPSWITCH IMAIL SERVER 2006 MULTIPLE ACTIVEX CONTROL BUFFER OVERFLOW VULNERABILITIE",
"trust": 0.6
},
{
"db": "BID",
"id": "83550",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-24999",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54869",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "PACKETSTORM",
"id": "54869"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"id": "VAR-200703-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:21:02.471000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IM-20070305-JH01",
"trust": 0.8,
"url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://support.ipswitch.com/kb/im-20070305-jh01.htm"
},
{
"trust": 1.7,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017737"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24422"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/0853"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1637"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1637"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/0853"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8652/"
},
{
"trust": 0.1,
"url": "http://secunia.com/disassembling_og_reversing/"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/support/ics/updates/ics20062.asp"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8653/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24422/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "PACKETSTORM",
"id": "54869"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-24999"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"db": "PACKETSTORM",
"id": "54869"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-24999"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"date": "2007-03-08T00:54:52",
"db": "PACKETSTORM",
"id": "54869"
},
{
"date": "2007-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"date": "2007-03-23T22:19:00",
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-24999"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003570"
},
{
"date": "2007-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-591"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-1637"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server of IMAILAPILib ActiveX Control buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003570"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-591"
}
],
"trust": 0.6
}
}
VAR-200709-0023
Vulnerability from variot - Updated: 2025-04-10 23:07Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line. Ipswitch IMail Server is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Versions between Ipswitch IMail Server 8.01 and 8.11 are vulnerable to this issue; other versions may also be affected. NOTE: This issue may be related to previously disclosed vulnerabilities in IMail, but due to a lack of information we cannot confirm this. We will update this BID as more information emerges. IPSwitch IMail is a Windows-based mail service program. There is a buffer overflow vulnerability in IPSwitch IMail's iaspam.dll, which may be exploited by remote attackers to control the server. Relevant details: loc_1001ada5 ==> Pay attention to the difference in loading base address during dynamic debugging. mov eax, [ebp+var_54] mov ecx, [eax+10c8h] push ecx ; char * mov edx, [ebp+var_54] mov eax, [edx+10d0h] push eax ; char * call _strcpy add esp, 8 jmp loc_1001a6f0 Here, the two buffers of strcpy, the pointers of src and dst are read directly from the heap without any check before, so send a malicious email to the server (SMD file), and then control the two buffers at the subsequent offset address, you can copy any string to any memory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200709-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.11"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.01"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": "8.01 to 8.11"
}
],
"sources": [
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "axis axis@ph4nt0m)",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2007-5094",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-28456",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-5094",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-5094",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200709-391",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-28456",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string \"MIME\" by itself on a line in the header, and a long Content-Transfer-Encoding header line. Ipswitch IMail Server is prone to a buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. \nAttackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nVersions between Ipswitch IMail Server 8.01 and 8.11 are vulnerable to this issue; other versions may also be affected. \nNOTE: This issue may be related to previously disclosed vulnerabilities in IMail, but due to a lack of information we cannot confirm this. We will update this BID as more information emerges. IPSwitch IMail is a Windows-based mail service program. There is a buffer overflow vulnerability in IPSwitch IMail\u0027s iaspam.dll, which may be exploited by remote attackers to control the server. Relevant details: loc_1001ada5 ==\u003e Pay attention to the difference in loading base address during dynamic debugging. mov eax, [ebp+var_54] mov ecx, [eax+10c8h] push ecx ; char * mov edx, [ebp+var_54] mov eax, [edx+10d0h] push eax ; char * call _strcpy add esp, 8 jmp loc_1001a6f0 Here, the two buffers of strcpy, the pointers of src and dst are read directly from the heap without any check before, so send a malicious email to the server (SMD file), and then control the two buffers at the subsequent offset address, you can copy any string to any memory",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5094"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "VULHUB",
"id": "VHN-28456"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-28456",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5094",
"trust": 2.8
},
{
"db": "BID",
"id": "25762",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "4438",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "39390",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441",
"trust": 0.8
},
{
"db": "MILW0RM",
"id": "4438",
"trust": 0.6
},
{
"db": "XF",
"id": "36723",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-28456",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"id": "VAR-200709-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:07:25.365000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "IMail Server",
"trust": 0.8,
"url": "http://www.imailserver.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25762"
},
{
"trust": 1.7,
"url": "http://pstgroup.blogspot.com/2007/09/exploitimail-iaspamdll-80x-remote-heap.html"
},
{
"trust": 1.7,
"url": "http://osvdb.org/39390"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/4438"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36723"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5094"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5094"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/4438"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/36723"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-28456"
},
{
"db": "BID",
"id": "25762"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-09-26T00:00:00",
"db": "VULHUB",
"id": "VHN-28456"
},
{
"date": "2007-09-21T00:00:00",
"db": "BID",
"id": "25762"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"date": "2007-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"date": "2007-09-26T22:17:00",
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-28456"
},
{
"date": "2015-05-07T17:35:00",
"db": "BID",
"id": "25762"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004441"
},
{
"date": "2007-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-391"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-5094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail SMTP Server IASPAM.DLL Remote Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "25762"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-391"
}
],
"trust": 0.6
}
}
VAR-200901-0467
Vulnerability from variot - Updated: 2025-04-10 22:57Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability.The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition. Authentication is required to exploit this vulnerability.The specific flaw exists due to a lack of bounds checking during theparsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs. Ipswitch IMail Server is prone to multiple buffer-overflow vulnerabilities because the software fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer. Successful attacks allow arbitrary code to run, facilitating the remote compromise of affected computers. Exploit attempts may also cause the application to crash. Ipswitch IMail Server 2006 is vulnerable to these issues; other versions may also be affected. Ipswitch IMail Server is an American Ipswitch company's mail server running on the Microsoft Windows operating system. IMail bundles an IMAP daemon (imapd32.exe) that allows users to access mail. ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-042.html July 24, 2007
-- CVE ID: CVE-2007-2795
-- Affected Vendor: Ipswitch
-- Affected Products: Ipswitch IMail Ipswitch Collaboration Suite
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability since July 24, 2007 by Digital Vaccine protection filter ID 5224.
-- Vendor Response: Ipswitch has issued an update to correct this vulnerability. More details can be found at:
http://www.ipswitch.com/support/imail/releases/im200621.asp
-- Disclosure Timeline: 2007.02.26 - Vulnerability reported to vendor 2007.07.24 - Digital Vaccine released to TippingPoint customers 2007.07.24 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by Sebastian Apelt (webmaster@buzzworld.org).
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, a division of 3Com, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. 3Com does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, 3Com provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, 3Com provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0467",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"model": "imail",
"scope": null,
"trust": 1.4,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": "lte",
"trust": 1.0,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail",
"scope": "lte",
"trust": 0.8,
"vendor": "ipswitch",
"version": "2006.21"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "2006.2"
},
{
"model": "imail server",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"model": "imail server",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.21"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sebastian Apelt (webmaster@buzzworld.org)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
}
],
"trust": 1.4
},
"cve": "CVE-2007-2795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2007-2795",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-26157",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-2795",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-2795",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-363",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-26157",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability.The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition. Authentication is required to exploit this vulnerability.The specific flaw exists due to a lack of bounds checking during theparsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs. Ipswitch IMail Server is prone to multiple buffer-overflow vulnerabilities because the software fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer. \nSuccessful attacks allow arbitrary code to run, facilitating the remote compromise of affected computers. Exploit attempts may also cause the application to crash. \nIpswitch IMail Server 2006 is vulnerable to these issues; other versions may also be affected. Ipswitch IMail Server is an American Ipswitch company\u0027s mail server running on the Microsoft Windows operating system. IMail bundles an IMAP daemon (imapd32.exe) that allows users to access mail. ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption\n Vulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-07-042.html\nJuly 24, 2007\n\n-- CVE ID:\nCVE-2007-2795\n\n-- Affected Vendor:\nIpswitch\n\n-- Affected Products:\nIpswitch IMail\nIpswitch Collaboration Suite\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability since July 24, 2007 by Digital Vaccine protection\nfilter ID 5224. \n\n\n-- Vendor Response:\nIpswitch has issued an update to correct this vulnerability. More\ndetails can be found at:\n\n http://www.ipswitch.com/support/imail/releases/im200621.asp\n\n-- Disclosure Timeline:\n2007.02.26 - Vulnerability reported to vendor\n2007.07.24 - Digital Vaccine released to TippingPoint customers\n2007.07.24 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by Sebastian Apelt\n(webmaster@buzzworld.org). \n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, a division of 3Com, The Zero Day Initiative\n(ZDI) represents a best-of-breed model for rewarding security\nresearchers for responsibly disclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is used. \n3Com does not re-sell the vulnerability details or any exploit code. \nInstead, upon notifying the affected product vendor, 3Com provides its\ncustomers with zero day protection through its intrusion prevention\ntechnology. Explicit details regarding the specifics of the\nvulnerability are not exposed to any parties until an official vendor\npatch is publicly available. Furthermore, with the altruistic aim of\nhelping to secure a broader user base, 3Com provides this vulnerability\ninformation confidentially to security vendors (including competitors)\nwho have a vulnerability protection or mitigation product. \n\n\nCONFIDENTIALITY NOTICE: This e-mail message, including any attachments,\nis being sent by 3Com for the sole use of the intended recipient(s) and\nmay contain confidential, proprietary and/or privileged information. \nAny unauthorized review, use, disclosure and/or distribution by any \nrecipient is prohibited. If you are not the intended recipient, please\ndelete and/or destroy all copies of this message regardless of form and\nany included attachments and notify 3Com immediately by contacting the\nsender via reply e-mail or forwarding to 3Com at postmaster@3com.com",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2795"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
}
],
"trust": 3.42
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26157",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2795",
"trust": 4.4
},
{
"db": "ZDI",
"id": "ZDI-07-042",
"trust": 2.8
},
{
"db": "ZDI",
"id": "ZDI-07-043",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-166",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-179",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363",
"trust": 0.7
},
{
"db": "BID",
"id": "24962",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "58013",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "58012",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-66887",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81264",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "9662",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-26157",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"id": "VAR-200901-0467",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T22:57:36.360000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "im200621",
"trust": 2.2,
"url": "http://www.ipswitch.com/support/imail/releases/im200621.asp"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.ipswitch.com/support/imail/releases/im200621.asp"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-042/"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-043/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2795"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2795"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-042.html"
},
{
"trust": 0.4,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-043.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.3,
"url": "http://docs.ipswitch.com/imail%202006.21/releasenotes/imail_relnotes.htm#newrelease"
},
{
"trust": 0.3,
"url": "/archive/1/474040"
},
{
"trust": 0.3,
"url": "/archive/1/474552"
},
{
"trust": 0.3,
"url": "/archive/1/474553"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2795"
},
{
"trust": 0.2,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.2,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"db": "VULHUB",
"id": "VHN-26157"
},
{
"db": "BID",
"id": "24962"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"db": "PACKETSTORM",
"id": "58013"
},
{
"db": "PACKETSTORM",
"id": "58012"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"date": "2009-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-26157"
},
{
"date": "2007-07-18T00:00:00",
"db": "BID",
"id": "24962"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"date": "2007-07-25T04:32:46",
"db": "PACKETSTORM",
"id": "58013"
},
{
"date": "2007-07-25T04:31:47",
"db": "PACKETSTORM",
"id": "58012"
},
{
"date": "2007-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"date": "2009-01-27T23:30:00.187000",
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-042"
},
{
"date": "2007-07-19T00:00:00",
"db": "ZDI",
"id": "ZDI-07-043"
},
{
"date": "2009-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-26157"
},
{
"date": "2016-07-05T21:38:00",
"db": "BID",
"id": "24962"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001634"
},
{
"date": "2009-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-363"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-2795"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Multiple Buffer Overflow Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "24962"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-363"
}
],
"trust": 0.6
}
}
VAR-199912-0146
Vulnerability from variot - Updated: 2025-04-03 22:42Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. The encryption scheme used is weak and has been broken. The following description of the mechanism used is quoted from Matt Conover's post to Bugtraq, linked to in full in the Credits section. ENCRYPTION SCHEME Take the lowercase of the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Take each letter of the password, find it's ASCII equivalent and add the offset (ASCII value of first char of the account name minus 97) then subtract the corresponding difference. Use the differences recursively if the password length is greater than the length of the account name. This gives you the character's new ASCII value. Next, Look it up the new ASCII value in the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt) and you now have the encrypted letter. Example: Account Name: mike m = 109 i = 105 k = 107 e = 101 Differences: First - First: 0 First - Second: 4 First - Third: 2 First - Fourth: 8 Unencrypted Password: rocks r = 114 o = 111 c = 99 k = 107 s = 115 (ASCII value + offset) - difference: offset: (109 - 97) = 12 (114 + 12) - 0 = 126 (111 + 12) - 4 = 119 (99 + 12) - 2 = 109 (107 + 12) - 8 = 111 (115 + 12) - 0 = 127 126 = DF 119 = D8 109 = CE 111 = D0 127 = E0 Encrypted Password: DFD8CED0E0 The decryption scheme is a little easier. First, like the encryption scheme, take the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Now split the encrypted password by two characters (e.g., EFDE = EF DE) then look up their ASCII equivalent within the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt). Take that ASCII value and add the corresponding difference.Look this value up in the ascii table. This table is made by taking the ASCII value of the first character of the account name and setting it equal to 'a'. EXAMPLE Account Name: mike m = 109 i = 105 k = 107 e = 101 Differences: First - First: 0 First - Second: 4 First - Third: 2 First - Fourth: 8 Encrypted Password: DFD8CED0E0 DF = 126 D8 = 119 CE = 109 D0 = 111 E0 = 127 Add Difference: 126 + 0 = 126 119 + 4 = 123 109 + 2 = 111 111 + 8 = 119 127 + 0 = 127 Look up in table (see http://www.w00w00.org/imail_map.txt): 126 = r 123 = o 111 = c 119 = k 127 = s Unencrypted Password: rocks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199912-0146",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq on December 21, 1999 by Matt Conover \u003cshok@cannabis.dataforce.net\u003e.",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
},
"cve": "CVE-1999-1497",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-1999-1497",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-1478",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1497",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-199912-063",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-1478",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. The encryption scheme used is weak and has been broken. The following description of the mechanism used is quoted from Matt Conover\u0027s post to Bugtraq, linked to in full in the Credits section. \nENCRYPTION SCHEME Take the lowercase of the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Take each letter of the password, find it\u0027s ASCII equivalent and add the offset (ASCII value of first char of the account name minus 97) then subtract the corresponding difference. Use the differences recursively if the password length is greater than the length of the account name. This gives you the character\u0027s new ASCII value. Next, Look it up the new ASCII value in the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt) and you now have the encrypted letter. \nExample:\nAccount Name: mike\nm = 109\ni = 105\nk = 107\ne = 101\nDifferences:\nFirst - First: 0\nFirst - Second: 4\nFirst - Third: 2\nFirst - Fourth: 8\nUnencrypted Password: rocks\nr = 114\no = 111\nc = 99\nk = 107\ns = 115\n(ASCII value + offset) - difference:\noffset: (109 - 97) = 12\n(114 + 12) - 0 = 126\n(111 + 12) - 4 = 119\n(99 + 12) - 2 = 109\n(107 + 12) - 8 = 111\n(115 + 12) - 0 = 127\n126 = DF\n119 = D8\n109 = CE\n111 = D0\n127 = E0\nEncrypted Password: DFD8CED0E0\nThe decryption scheme is a little easier. First, like the encryption scheme, take the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Now split the encrypted password by two characters (e.g., EFDE = EF DE) then look up their ASCII equivalent within the ASCII-ENCRYPTED table (see http://www.w00w00.org/imail_map.txt). Take that ASCII value and add the corresponding difference.Look this value up in the ascii table. This table is made by taking the ASCII value of the first character of the account name and setting it equal to \u0027a\u0027. \nEXAMPLE\nAccount Name: mike\nm = 109\ni = 105\nk = 107\ne = 101\nDifferences:\nFirst - First: 0\nFirst - Second: 4\nFirst - Third: 2\nFirst - Fourth: 8\nEncrypted Password: DFD8CED0E0\nDF = 126\nD8 = 119\nCE = 109\nD0 = 111\nE0 = 127\nAdd Difference:\n126 + 0 = 126\n119 + 4 = 123\n109 + 2 = 111\n111 + 8 = 119\n127 + 0 = 127\nLook up in table (see http://www.w00w00.org/imail_map.txt):\n126 = r\n123 = o\n111 = c\n119 = k\n127 = s\nUnencrypted Password: rocks",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1497"
},
{
"db": "BID",
"id": "880"
},
{
"db": "VULHUB",
"id": "VHN-1478"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1478",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1497",
"trust": 2.0
},
{
"db": "BID",
"id": "880",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "19991221 [W00GIVING \u002799 #11] IMAIL\u0027S PASSWORD ENCRYPTION SCHEME",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "401",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "19683",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1478",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"id": "VAR-199912-0146",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:42:52.326000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/880"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/39329"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1478"
},
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-12-21T00:00:00",
"db": "VULHUB",
"id": "VHN-1478"
},
{
"date": "1999-12-19T00:00:00",
"db": "BID",
"id": "880"
},
{
"date": "1999-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"date": "1999-12-21T05:00:00",
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-1478"
},
{
"date": "2009-07-11T01:56:00",
"db": "BID",
"id": "880"
},
{
"date": "2007-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-063"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1497"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail Weak Password Encryption Vulnerability",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "880"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-063"
}
],
"trust": 0.9
}
}
VAR-200505-0076
Vulnerability from variot - Updated: 2025-04-03 22:42Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. The Ipswitch Collaboration Suite IMail IMAP service is reported prone to a buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks performed on arguments that are passed to the EXAMINE command. It is conjectured that a remote authenticated attacker may exploit this vulnerability to execute arbitrary code in the context of the affected service. Immediate consequences of a failed exploit attempt would be a denial of service due to the application crashing on an access violation. IMail Server version 8.13 an earlier are reported prone to this vulnerability.
Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS
Request Trial: https://ca.secunia.com/?f=l
TITLE: Ipswitch Collaboration Suite IMAP EXAMINE Buffer Overflow
SECUNIA ADVISORY ID: SA14546
VERIFY ADVISORY: http://secunia.com/advisories/14546/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Ipswitch Collaboration Suite (ICS) 1.x http://secunia.com/product/4773/ IMail Server 8.x http://secunia.com/product/3048/
DESCRIPTION: Nico Steinhardt has reported a vulnerability in Ipswitch Collaboration Suite, which can be exploited by malicious users to compromise a vulnerable system.
SOLUTION: Apply IMail Server 8.15 Hotfix 1: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM815HF1.exe
PROVIDED AND/OR DISCOVERED BY: Nico Steinhardt
ORIGINAL ADVISORY: iDEFENSE: http://www.idefense.com/application/poi/display?id=216&type=vulnerabilities
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. BACKGROUND
Ipswitch Collaboration Suite (ICS) is a comprehensive communication and collaboration solution for Microsoft Windows with a customer base of over 53 million users. More information is available on the vendor's website:
http://www.ipswitch.com/products/IMail_Server/index.html
II. The EXAMINE command selects a mailbox so that messages within the mailbox may be accessed with read-only privileges. EXAMINE requests with malformed mailbox names of 259 bytes will overwrite the saved stack frame pointer, resulting in potential process execution control. It should be noted that IMAP will append a '/' character to your supplied mailbox name so the most significant byte of the frame pointer will be 0x2e. The output below shows successful control of the frame pointer.
(668.f8): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled.
eax=00000006 ebx=008943b0 ecx=42424242 edx=00c8fad4 esi=008943b0 edi=00000013 eip=0078626d esp=00c9fd20 ebp=2e434343 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246 0078626d ?? ???
Frame pointer overwrites may allow attackers to redirect program flow when the current function returns. It should be noted that the IMAP EXAMINE command is only available after successful authentication.
III. The EXAMINE IMAP command is only valid after authentication has occurred, however due to the nature of IMAP servers serving a large user base, this requirement only slightly reduces exposure to the vulnerability.
IV. DETECTION
iDEFENSE has confirmed that the IMAP4 daemon (IMAP4d32.exe ver. IMail Server is now packaged as part of Ipswitch Collaboration Suite.
V. WORKAROUND
Use application level content filtering on overly long IMAP commands.
VI. VENDOR RESPONSE
This vulnerability is addressed in IMail Server 8.15 Hotfix 1 (February 3, 2005), which is available for download at:
ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM815HF1.exe
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2005-0707 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
03/02/2005 Initial vendor notification 03/08/2005 Initial vendor response 03/10/2005 Public disclosure
IX. CREDIT
Nico Steinhardt is credited with this discovery.
Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp
Free tools, research and upcoming events http://labs.idefense.com
X. LEGAL NOTICES
Copyright (c) 2005 iDEFENSE, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0076",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "collaboration suite",
"scope": "lte",
"trust": 1.0,
"vendor": "ipswitch",
"version": "8.15"
},
{
"model": "collaboration suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "8.15"
},
{
"model": "collaboration suite",
"scope": null,
"trust": 0.3,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.151"
}
],
"sources": [
{
"db": "BID",
"id": "12780"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nico Steinhardt iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0707",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2005-0707",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-11916",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0707",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-692",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-11916",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. The Ipswitch Collaboration Suite IMail IMAP service is reported prone to a buffer overflow vulnerability. The issue exists due to a lack of sufficient boundary checks performed on arguments that are passed to the EXAMINE command. \nIt is conjectured that a remote authenticated attacker may exploit this vulnerability to execute arbitrary code in the context of the affected service. Immediate consequences of a failed exploit attempt would be a denial of service due to the application crashing on an access violation. \nIMail Server version 8.13 an earlier are reported prone to this vulnerability. \n----------------------------------------------------------------------\n\nMonitor, Filter, and Manage Security Information\n- Filtering and Management of Secunia advisories\n- Overview, documentation, and detailed reports\n- Alerting via email and SMS\n\nRequest Trial:\nhttps://ca.secunia.com/?f=l\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch Collaboration Suite IMAP EXAMINE Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA14546\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/14546/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIpswitch Collaboration Suite (ICS) 1.x\nhttp://secunia.com/product/4773/\nIMail Server 8.x\nhttp://secunia.com/product/3048/\n\nDESCRIPTION:\nNico Steinhardt has reported a vulnerability in Ipswitch\nCollaboration Suite, which can be exploited by malicious users to\ncompromise a vulnerable system. \n\nSOLUTION:\nApply IMail Server 8.15 Hotfix 1:\nftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM815HF1.exe\n\nPROVIDED AND/OR DISCOVERED BY:\nNico Steinhardt\n\nORIGINAL ADVISORY:\niDEFENSE:\nhttp://www.idefense.com/application/poi/display?id=216\u0026type=vulnerabilities\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n. BACKGROUND\n\nIpswitch Collaboration Suite (ICS) is a comprehensive communication and \ncollaboration solution for Microsoft Windows with a customer base of \nover 53 million users. More information is available on the vendor\u0027s \nwebsite:\n\n http://www.ipswitch.com/products/IMail_Server/index.html\n\nII. The \nEXAMINE command selects a mailbox so that messages within the mailbox \nmay be accessed with read-only privileges. EXAMINE requests with \nmalformed mailbox names of 259 bytes will overwrite the saved stack \nframe pointer, resulting in potential process execution control. It \nshould be noted that IMAP will append a \u0027/\u0027 character to your supplied \nmailbox name so the most significant byte of the frame pointer will be \n0x2e. The output below shows successful control of the frame pointer. \n\n(668.f8): Access violation - code c0000005 (first chance)\nFirst chance exceptions are reported before any exception handling. \nThis exception may be expected and handled. \n\neax=00000006 ebx=008943b0 ecx=42424242\nedx=00c8fad4 esi=008943b0 edi=00000013\neip=0078626d esp=00c9fd20 ebp=2e434343\niopl=0 nv up ei pl zr na po nc\ncs=001b ss=0023 ds=0023 es=0023\nfs=0038 gs=0000 efl=00000246\n0078626d ?? ???\n\nFrame pointer overwrites may allow attackers to redirect program flow \nwhen the current function returns. It should be noted that the IMAP \nEXAMINE command is only available after successful authentication. \n\nIII. The EXAMINE IMAP command is only \nvalid after authentication has occurred, however due to the nature of \nIMAP servers serving a large user base, this requirement only slightly \nreduces exposure to the vulnerability. \n\nIV. DETECTION\n\niDEFENSE has confirmed that the IMAP4 daemon (IMAP4d32.exe ver. \nIMail Server is now packaged as part of Ipswitch Collaboration Suite. \n \nV. WORKAROUND\n\nUse application level content filtering on overly long IMAP commands. \n\nVI. VENDOR RESPONSE\n\nThis vulnerability is addressed in IMail Server 8.15 Hotfix 1 (February\n3, 2005), which is available for download at:\n\n ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/IM815HF1.exe\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CAN-2005-0707 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n03/02/2005 Initial vendor notification\n03/08/2005 Initial vendor response\n03/10/2005 Public disclosure\n\nIX. CREDIT\n\nNico Steinhardt is credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com\n\nX. LEGAL NOTICES\n\nCopyright (c) 2005 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0707"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
}
],
"trust": 1.44
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-11916",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0707",
"trust": 2.1
},
{
"db": "BID",
"id": "12780",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "14546",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1013410",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20050310 IPSWITCH COLLABORATION SUITE IMAP EXAMINE BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "19655",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "36591",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-11916",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36576",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"id": "VAR-200505-0076",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:42:41.958000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.idefense.com/application/poi/display?id=216\u0026type=vulnerabilities"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/12780"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1013410"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/14546"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19655"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/19655"
},
{
"trust": 0.3,
"url": "/archive/1/392871"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=216\u0026amp;type=vulnerabilities"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3048/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14546/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4773/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?f=l"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0707"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11916"
},
{
"db": "BID",
"id": "12780"
},
{
"db": "PACKETSTORM",
"id": "36576"
},
{
"db": "PACKETSTORM",
"id": "36591"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-11916"
},
{
"date": "2005-03-10T00:00:00",
"db": "BID",
"id": "12780"
},
{
"date": "2005-03-15T07:30:59",
"db": "PACKETSTORM",
"id": "36576"
},
{
"date": "2005-03-15T07:43:28",
"db": "PACKETSTORM",
"id": "36591"
},
{
"date": "2005-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-11916"
},
{
"date": "2009-07-12T10:56:00",
"db": "BID",
"id": "12780"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-692"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-0707"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch Collaboration Suite IMAP EXAMINE Command buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-692"
}
],
"trust": 0.6
}
}
VAR-199903-0051
Vulnerability from variot - Updated: 2025-04-03 22:42IMail POP3 daemon uses weak encryption, which allows local users to read files. IMail is prone to a local security vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199903-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "88240"
}
],
"trust": 0.3
},
"cve": "CVE-2000-0019",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2000-0019",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-1598",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0019",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-199903-024",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-1598",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2000-0019",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail POP3 daemon uses weak encryption, which allows local users to read files. IMail is prone to a local security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0019"
},
{
"db": "BID",
"id": "88240"
},
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0019",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024",
"trust": 0.7
},
{
"db": "BID",
"id": "88240",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-1598",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2000-0019",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "BID",
"id": "88240"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"id": "VAR-199903-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:42:01.691000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/cve-2000-0019"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2000-0019"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/88240"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1598"
},
{
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"db": "BID",
"id": "88240"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-1598"
},
{
"date": "1999-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"date": "1999-03-04T00:00:00",
"db": "BID",
"id": "88240"
},
{
"date": "1999-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"date": "1999-03-04T05:00:00",
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-1598"
},
{
"date": "2022-08-17T00:00:00",
"db": "VULMON",
"id": "CVE-2000-0019"
},
{
"date": "1999-03-04T00:00:00",
"db": "BID",
"id": "88240"
},
{
"date": "2022-08-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199903-024"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0019"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "88240"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail POP3 daemon Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199903-024"
}
],
"trust": 0.6
}
}
VAR-200412-1061
Vulnerability from variot - Updated: 2025-04-03 22:40Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. Ipswitch IMail is reported prone to a remote buffer overflow vulnerability. This issue exists due to insufficient boundary checks performed by the application. Ipswitch IMail 8.13 is reported prone to this vulnerability. It is possible that other versions are affected as well. Ipswitch IMail Server is a powerful email solution. Ipswitch IMail Server handles the DELETE command incorrectly
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-1061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.13"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.14"
}
],
"sources": [
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jerome\u203b jerome@athias.fr",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1520",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2004-1520",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-9950",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1520",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-722",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9950",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. Ipswitch IMail is reported prone to a remote buffer overflow vulnerability. This issue exists due to insufficient boundary checks performed by the application. \nIpswitch IMail 8.13 is reported prone to this vulnerability. It is possible that other versions are affected as well. Ipswitch IMail Server is a powerful email solution. Ipswitch IMail Server handles the DELETE command incorrectly",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1520"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "VULHUB",
"id": "VHN-9950"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9950",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11675",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1520",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "13200",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722",
"trust": 0.7
},
{
"db": "XF",
"id": "18058",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "7108",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20041112 IPSWITCH-IMAIL-8.13 STACK OVERFLOW IN THE DELETE COMMAND",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-70993",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-70991",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16479",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "627",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "1151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83023",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82989",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9950",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"id": "VAR-200412-1061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:40:37.292000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11675"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13200"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18058"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=110037283803560\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18058"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110037283803560\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/7108"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im814.html"
},
{
"trust": 0.3,
"url": "/archive/1/381027"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=110037283803560\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9950"
},
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-9950"
},
{
"date": "2004-11-13T00:00:00",
"db": "BID",
"id": "11675"
},
{
"date": "2004-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9950"
},
{
"date": "2004-11-13T00:00:00",
"db": "BID",
"id": "11675"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-722"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-1520"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail 8.13 Remotely DELETE Command buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "11675"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-722"
}
],
"trust": 0.9
}
}
VAR-200112-0166
Vulnerability from variot - Updated: 2025-04-03 22:40Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. IMail also includes support for multiple domains, and web based administration. It runs on Microsoft Windows platforms. There is a vulnerability with the authentication process for this web administration tool. Any valid administrator account may make changes to any domain on the server. IPSwitch IMail is a popular web-based mail retrieval program used by many ISPs. Attackers can list, view, add, and delete other domains arbitrarily. User aliases and mailing lists for
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200112-0166",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.1"
}
],
"sources": [
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zeeshan Mustafa\u203b security@zeeshan.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
},
"cve": "CVE-2001-1211",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1211",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4016",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1211",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200112-158",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4016",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. IMail also includes support for multiple domains, and web based administration. It runs on Microsoft Windows platforms. \nThere is a vulnerability with the authentication process for this web administration tool. Any valid administrator account may make changes to any domain on the server. IPSwitch IMail is a popular web-based mail retrieval program used by many ISPs. Attackers can list, view, add, and delete other domains arbitrarily. User aliases and mailing lists for ",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1211"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "VULHUB",
"id": "VHN-4016"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3766",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1211",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158",
"trust": 0.7
},
{
"db": "XF",
"id": "7752",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011231 IMAIL WEB SERVICE USER ALIASES / MAILING LISTS ADMIN VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4016",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"id": "VAR-200112-0166",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:40:00.336000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3766"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/247786"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20011219-dm01.htm"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20020301-dm02.htm"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/7752.php"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4016"
},
{
"db": "BID",
"id": "3766"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-4016"
},
{
"date": "2001-12-31T00:00:00",
"db": "BID",
"id": "3766"
},
{
"date": "2001-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"date": "2001-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-4016"
},
{
"date": "2009-07-11T09:56:00",
"db": "BID",
"id": "3766"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-158"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1211"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Domain Management Authority Boost Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-158"
}
],
"trust": 0.6
}
}
VAR-200010-0032
Vulnerability from variot - Updated: 2025-04-03 22:39The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. IPSWITCH ships a product titled IMail, an email server for usage on NT servers serving clients their mail via a web interface. To this end the IMail server provides a web server typically running on port 8383 for it's end users to access. Via this interface users may read and send mail, as well as mail with file attachments. Certain versions of IMail do not perform proper access validation however resulting in users being able to attach files resident on the server. The net result of this is users may attach files on the server to which they should have no access. This access is limited to the user privileges which the server is being run as, typically SYSTEM. It should be noted that once a user attachs the files in question the server deletes them
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200010-0032",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was discovered and reported by Timescape \u003cvellad@kattare.com\u003e.\n\n This advisory was drafted with the help of the SecurityFocus.com Vulnerability Help Team. For more information or assistance drafting advisories please mail vulnhelp@securi",
"sources": [
{
"db": "BID",
"id": "1617"
}
],
"trust": 0.3
},
"cve": "CVE-2000-0780",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0780",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-2357",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0780",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200010-093",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-2357",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. IPSWITCH ships a product titled IMail, an email server for usage on NT servers serving clients their mail via a web interface. To this end the IMail server provides a web server typically running on port 8383 for it\u0027s end users to access. Via this interface users may read and send mail, as well as mail with file attachments. Certain versions of IMail do not perform proper access validation however resulting in users being able to attach files resident on the server. The net result of this is users may attach files on the server to which they should have no access. This access is limited to the user privileges which the server is being run as, typically SYSTEM. \nIt should be noted that once a user attachs the files in question the server deletes them",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0780"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "VULHUB",
"id": "VHN-2357"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-2357",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "1617",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0780",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000830 VULNERABILITY REPORT ON IPSWITCH\u0027S IMAIL",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20182",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-74070",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-2357",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"id": "VAR-200010-0032",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:11.654000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/1617"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=96767207207553\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=96767207207553\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2357"
},
{
"db": "BID",
"id": "1617"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-10-20T00:00:00",
"db": "VULHUB",
"id": "VHN-2357"
},
{
"date": "2000-08-30T00:00:00",
"db": "BID",
"id": "1617"
},
{
"date": "2000-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"date": "2000-10-20T04:00:00",
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-2357"
},
{
"date": "2000-08-30T00:00:00",
"db": "BID",
"id": "1617"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-093"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0780"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSWITCH IMail web Server vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-093"
}
],
"trust": 0.6
}
}
VAR-200412-0343
Vulnerability from variot - Updated: 2025-04-03 22:39Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. These vulnerabilities allow a remote attacker to crash the affected application, denying service to legitimate users. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. Versions of the application prior to 8.13 are reported affected by these vulnerabilities. TITLE: IMail Multiple Denial of Service Vulnerabilities
SECUNIA ADVISORY ID: SA12453
VERIFY ADVISORY: http://secunia.com/advisories/12453/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
SOFTWARE: IMail Server 8.x http://secunia.com/product/3048/
DESCRIPTION: Various vulnerabilities have been reported in IMail, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
2) An unspecified error within the Web Calendaring can potentially be exploited to cause a crash when a calender entry containing certain content is viewed.
SOLUTION: Apply IMail Server 8.13 patch. http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://support.ipswitch.com/kb/IM-20040902-DM01.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0343",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
}
],
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2422",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-2422",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10850",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-2422",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-1106",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10850",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. \nThese vulnerabilities allow a remote attacker to crash the affected application, denying service to legitimate users. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. \nVersions of the application prior to 8.13 are reported affected by these vulnerabilities. \nTITLE:\nIMail Multiple Denial of Service Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA12453\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/12453/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIMail Server 8.x\nhttp://secunia.com/product/3048/\n\nDESCRIPTION:\nVarious vulnerabilities have been reported in IMail, which\npotentially can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\n2) An unspecified error within the Web Calendaring can potentially be\nexploited to cause a crash when a calender entry containing certain\ncontent is viewed. \n\nSOLUTION:\nApply IMail Server 8.13 patch. \nhttp://www.ipswitch.com/support/imail/releases/imail_professional/im813.html\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://support.ipswitch.com/kb/IM-20040902-DM01.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2422"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "PACKETSTORM",
"id": "34264"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11106",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "12453",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2004-2422",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "9554",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "9552",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1011146",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106",
"trust": 0.7
},
{
"db": "XF",
"id": "17222",
"trust": 0.6
},
{
"db": "XF",
"id": "17219",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10850",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "34264",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"id": "VAR-200412-0343",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:05.360000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11106"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm#fixes"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/9552"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/9554"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1011146"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12453"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17219"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17222"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17222"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17219"
},
{
"trust": 0.4,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3048/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/12453/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10850"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10850"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2004-09-09T06:47:23",
"db": "PACKETSTORM",
"id": "34264"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10850"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-1106"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-2422"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Multiple Buffer Overflow Denial Of Service Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-1106"
}
],
"trust": 0.9
}
}
VAR-200412-0389
Vulnerability from variot - Updated: 2025-04-03 22:39Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content.". It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. Versions of the application prior to 8.13 are reported affected by these vulnerabilities. TITLE: IMail Multiple Denial of Service Vulnerabilities
SECUNIA ADVISORY ID: SA12453
VERIFY ADVISORY: http://secunia.com/advisories/12453/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
SOFTWARE: IMail Server 8.x http://secunia.com/product/3048/
DESCRIPTION: Various vulnerabilities have been reported in IMail, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
1) An unspecified error within the Queue Manager can be exploited to cause a crash via an overly long sender field.
3) An unspecified error within the Web Messaging can potentially be exploited to cause a crash via an overly long "To:" line.
SOLUTION: Apply IMail Server 8.13 patch. http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: http://support.ipswitch.com/kb/IM-20040902-DM01.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0389",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.12"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "8.13"
}
],
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2423",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-2423",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10851",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-2423",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-160",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10851",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via \"specific content.\". It is reported that IMail is susceptible to multiple buffer overflow denial of service vulnerabilities. It is conjectured that it may be possible for an attacker to execute arbitrary code in the context of the affected server application. \nVersions of the application prior to 8.13 are reported affected by these vulnerabilities. \nTITLE:\nIMail Multiple Denial of Service Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA12453\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/12453/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIMail Server 8.x\nhttp://secunia.com/product/3048/\n\nDESCRIPTION:\nVarious vulnerabilities have been reported in IMail, which\npotentially can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\n1) An unspecified error within the Queue Manager can be exploited to\ncause a crash via an overly long sender field. \n\n3) An unspecified error within the Web Messaging can potentially be\nexploited to cause a crash via an overly long \"To:\" line. \n\nSOLUTION:\nApply IMail Server 8.13 patch. \nhttp://www.ipswitch.com/support/imail/releases/imail_professional/im813.html\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://support.ipswitch.com/kb/IM-20040902-DM01.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2423"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "PACKETSTORM",
"id": "34264"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11106",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "12453",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "9553",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2004-2423",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1011146",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160",
"trust": 0.7
},
{
"db": "XF",
"id": "17220",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10851",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "34264",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"id": "VAR-200412-0389",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:05.330000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11106"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm#fixes"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/9553"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1011146"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12453"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17220"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17220"
},
{
"trust": 0.4,
"url": "http://support.ipswitch.com/kb/im-20040902-dm01.htm"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im813.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3048/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/12453/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10851"
},
{
"db": "BID",
"id": "11106"
},
{
"db": "PACKETSTORM",
"id": "34264"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10851"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2004-09-09T06:47:23",
"db": "PACKETSTORM",
"id": "34264"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-10851"
},
{
"date": "2004-09-03T00:00:00",
"db": "BID",
"id": "11106"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-160"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-2423"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Multiple Buffer Overflow Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "11106"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-160"
}
],
"trust": 0.9
}
}
VAR-200609-0308
Vulnerability from variot - Updated: 2025-04-03 22:37Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character. The Ipswitch IMail Server is vulnerable to a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Authentication is not required to exploit this vulnerability.The specific flaw exists within the SMTP daemon. A lack of bounds checking during the parsing of long strings contained within the characters '@' and ':' leads to a stack overflow vulnerability. Exploitation can result in code execution or a denial of service. Ipswitch IMail Server and Collaboration Suite are prone to a stack-overflow vulnerability. Updates are available. Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure are vulnerable. Ipswitch IMail Server is an American Ipswitch company's mail server running on the Microsoft Windows operating system.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: Ipswitch IMail Server SMTP Service Unspecified Vulnerability
SECUNIA ADVISORY ID: SA21795
VERIFY ADVISORY: http://secunia.com/advisories/21795/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Ipswitch Collaboration Suite 2006 http://secunia.com/product/8652/ IMail Secure Server 2006 http://secunia.com/product/8651/ IMail Server 2006 http://secunia.com/product/8653/
DESCRIPTION: A vulnerability has been reported in IMail Server, which can be exploited by malicious people to compromise a vulnerable system.
ORIGINAL ADVISORY: http://www.ipswitch.com/support/ics/updates/ics20061.asp http://www.ipswitch.com/support/imail/releases/im20061.asp
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-028.html September 7, 2006
-- CVE ID: CVE-2006-4379
-- Affected Vendor: Ipswitch
-- Affected Products: ICS/IMail Server 2006
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability since August 31, 2006 by Digital Vaccine protection filter ID 4496.
-- Vendor Response: Ipswitch has issued an update, version 2006.1, to correct this vulnerability. More details can be found at:
http://www.ipswitch.com/support/imail/releases/im20061.asp
-- Disclosure Timeline: 2006.06.22 - Vulnerability reported to vendor 2006.08.31 - Digital Vaccine released to TippingPoint customers 2006.09.07 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by an anonymous researcher.
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, a division of 3Com, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. 3Com does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, 3Com provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, 3Com provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "imail secure server",
"scope": "eq",
"trust": 2.7,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "imail plus",
"scope": "eq",
"trust": 2.4,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "collaboration suite",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006_premium"
},
{
"_id": null,
"model": "collaboration suite",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2006_standard"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"_id": null,
"model": "collaboration suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": "2006 suite premium and standard editions"
},
{
"_id": null,
"model": "imail",
"scope": null,
"trust": 0.7,
"vendor": "ipswitch",
"version": null
},
{
"_id": null,
"model": "collaboration suite standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "collaboration suite premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "imail server",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006"
},
{
"_id": null,
"model": "imail plus",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "0"
},
{
"_id": null,
"model": "collaboration suite standard edition",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"_id": null,
"model": "collaboration suite premium edition",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.1"
},
{
"_id": null,
"model": "imail server",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2006.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "BID",
"id": "19885"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:imail_plus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ipswitch:imail_secure_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ipswitch:ipswitch_collaboration_suite",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-06-028"
}
],
"trust": 0.7
},
"cve": "CVE-2006-4379",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2006-4379",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-20487",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4379",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#542197",
"trust": 0.8,
"value": "12.86"
},
{
"author": "NVD",
"id": "CVE-2006-4379",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-136",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-20487",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"description": {
"_id": null,
"data": "Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an \u0027@\u0027 character and before a \u0027:\u0027 character. The Ipswitch IMail Server is vulnerable to a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Authentication is not required to exploit this vulnerability.The specific flaw exists within the SMTP daemon. A lack of bounds checking during the parsing of long strings contained within the characters \u0027@\u0027 and \u0027:\u0027 leads to a stack overflow vulnerability. Exploitation can result in code execution or a denial of service. Ipswitch IMail Server and Collaboration Suite are prone to a stack-overflow vulnerability. Updates are available. \nIpswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure are vulnerable. Ipswitch IMail Server is an American Ipswitch company\u0027s mail server running on the Microsoft Windows operating system. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch IMail Server SMTP Service Unspecified Vulnerability\n\nSECUNIA ADVISORY ID:\nSA21795\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21795/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIpswitch Collaboration Suite 2006\nhttp://secunia.com/product/8652/\nIMail Secure Server 2006\nhttp://secunia.com/product/8651/\nIMail Server 2006\nhttp://secunia.com/product/8653/\n\nDESCRIPTION:\nA vulnerability has been reported in IMail Server, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nORIGINAL ADVISORY:\nhttp://www.ipswitch.com/support/ics/updates/ics20061.asp\nhttp://www.ipswitch.com/support/imail/releases/im20061.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ZDI-06-028: Ipswitch Collaboration Suite SMTP Server Stack Overflow\nhttp://www.zerodayinitiative.com/advisories/ZDI-06-028.html\nSeptember 7, 2006\n\n-- CVE ID:\nCVE-2006-4379\n\n-- Affected Vendor:\nIpswitch\n\n-- Affected Products:\nICS/IMail Server 2006\n\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability since August 31, 2006 by Digital Vaccine protection\nfilter ID 4496. \n\n-- Vendor Response:\nIpswitch has issued an update, version 2006.1, to correct this\nvulnerability. More details can be found at:\n\nhttp://www.ipswitch.com/support/imail/releases/im20061.asp\n\n-- Disclosure Timeline:\n2006.06.22 - Vulnerability reported to vendor\n2006.08.31 - Digital Vaccine released to TippingPoint customers\n2006.09.07 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by an anonymous researcher. \n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, a division of 3Com, The Zero Day Initiative\n(ZDI) represents a best-of-breed model for rewarding security\nresearchers for responsibly disclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is used. \n3Com does not re-sell the vulnerability details or any exploit code. \nInstead, upon notifying the affected product vendor, 3Com provides its\ncustomers with zero day protection through its intrusion prevention\ntechnology. Explicit details regarding the specifics of the\nvulnerability are not exposed to any parties until an official vendor\npatch is publicly available. Furthermore, with the altruistic aim of\nhelping to secure a broader user base, 3Com provides this vulnerability\ninformation confidentially to security vendors (including competitors)\nwho have a vulnerability protection or mitigation product",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4379"
},
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "BID",
"id": "19885"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "PACKETSTORM",
"id": "49786"
},
{
"db": "PACKETSTORM",
"id": "49828"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-20487",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-20487"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2006-4379",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "21795",
"trust": 2.6
},
{
"db": "ZDI",
"id": "ZDI-06-028",
"trust": 2.5
},
{
"db": "BID",
"id": "19885",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3496",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1016803",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1016804",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#542197",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-067",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20060907 ZDI-06-028: IPSWITCH COLLABORATION SUITE SMTP SERVER STACK OVERFLOW",
"trust": 0.6
},
{
"db": "XF",
"id": "28789",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "49828",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "3264",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "2601",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "3265",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-20487",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "49786",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "BID",
"id": "19885"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "PACKETSTORM",
"id": "49786"
},
{
"db": "PACKETSTORM",
"id": "49828"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"id": "VAR-200609-0308",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20487"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:37:21.918000Z",
"patch": {
"_id": null,
"data": [
{
"title": "im20061",
"trust": 1.5,
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.4,
"url": "http://www.ipswitch.com/support/imail/releases/im20061.asp"
},
{
"trust": 2.6,
"url": "http://www.ipswitch.com/support/ics/updates/ics20061.asp"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-06-028.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19885"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016803"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016804"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/21795"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/445521/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/3496"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28789"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/21795/"
},
{
"trust": 0.8,
"url": "http://www.mail-archive.com/imail_forum@list.ipswitch.com/msg108403.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4379"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4379"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3496"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/28789"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/445521/100/0/threaded"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8653/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8651/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8652/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4379"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
},
{
"db": "ZDI",
"id": "ZDI-06-028"
},
{
"db": "VULHUB",
"id": "VHN-20487"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006"
},
{
"db": "PACKETSTORM",
"id": "49786"
},
{
"db": "PACKETSTORM",
"id": "49828"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
},
{
"db": "NVD",
"id": "CVE-2006-4379"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#542197",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-06-028",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-20487",
"ident": null
},
{
"db": "BID",
"id": "19885",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "49786",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "49828",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2006-4379",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2006-12-07T00:00:00",
"db": "CERT/CC",
"id": "VU#542197",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-06-028",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20487",
"ident": null
},
{
"date": "2006-09-07T00:00:00",
"db": "BID",
"id": "19885",
"ident": null
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"ident": null
},
{
"date": "2006-09-08T05:23:41",
"db": "PACKETSTORM",
"id": "49786",
"ident": null
},
{
"date": "2006-09-08T06:50:37",
"db": "PACKETSTORM",
"id": "49828",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-136",
"ident": null
},
{
"date": "2006-09-08T21:04:00",
"db": "NVD",
"id": "CVE-2006-4379",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2006-12-07T00:00:00",
"db": "CERT/CC",
"id": "VU#542197",
"ident": null
},
{
"date": "2006-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-06-028",
"ident": null
},
{
"date": "2018-10-17T00:00:00",
"db": "VULHUB",
"id": "VHN-20487",
"ident": null
},
{
"date": "2007-02-05T16:18:00",
"db": "BID",
"id": "19885",
"ident": null
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-002006",
"ident": null
},
{
"date": "2006-09-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-136",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-4379",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "49828"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "The Ipswitch IMail Server is vulnerable to a buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#542197"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-136"
}
],
"trust": 0.6
}
}
VAR-200011-0041
Vulnerability from variot - Updated: 2025-04-03 22:36Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. IPSwitch IMail is an e-mail server which provides WWW (HTTP) E-mail services. By default this web service resides on port 8181 or 8383. Sending an HTTP request with an extremely long "HOST" field multiple times can cause the system hosting the service to become unresponsive. Each long request "kills" a thread without freeing up the memory used by it. By repeating this request, the system's resources can be used up completely. Ipswitch Imail 6.0 is vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200011-0041",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.00"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was revealed in an eEye advisory (#AD20000817) dated August 17, 2000.",
"sources": [
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.9
},
"cve": "CVE-2000-0825",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0825",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-2395",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0825",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200011-049",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-2395",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. IPSwitch IMail is an e-mail server which provides WWW (HTTP) E-mail services. By default this web service resides on port 8181 or 8383. Sending an HTTP request with an extremely long \"HOST\" field multiple times can cause the system hosting the service to become unresponsive. Each long request \"kills\" a thread without freeing up the memory used by it. By repeating this request, the system\u0027s resources can be used up completely. Ipswitch Imail 6.0 is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0825"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "VULHUB",
"id": "VHN-2395"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "2011",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0825",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000817 IMAIL WEB SERVICE REMOTE DOS ATTACK V.2",
"trust": 0.6
},
{
"db": "XF",
"id": "5475",
"trust": 0.6
},
{
"db": "NTBUGTRAQ",
"id": "20000817 IMAIL WEB SERVICE REMOTE DOS ATTACK V.2",
"trust": 0.6
},
{
"db": "WIN2KSEC",
"id": "20000817 IMAIL WEB SERVICE REMOTE DOS ATTACK V.2",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2395",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"id": "VAR-200011-0041",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:36:29.311000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/2011"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0071.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=96659012127444\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=ntbugtraq\u0026m=96654521004571\u0026w=2"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5475"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/5475.php"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=ntbugtraq\u0026m=96654521004571\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=96659012127444\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2395"
},
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-2395"
},
{
"date": "2000-08-17T00:00:00",
"db": "BID",
"id": "2011"
},
{
"date": "2000-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"date": "2000-11-14T05:00:00",
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-2395"
},
{
"date": "2000-08-17T00:00:00",
"db": "BID",
"id": "2011"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200011-049"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0825"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Web service\" HOST Denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "2011"
},
{
"db": "CNNVD",
"id": "CNNVD-200011-049"
}
],
"trust": 0.9
}
}
VAR-200507-0067
Vulnerability from variot - Updated: 2025-04-03 22:36IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information. IMail is prone to a information disclosure vulnerability. IMAIL is an email system including WebMail
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200507-0067",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "2006"
}
],
"sources": [
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89792"
}
],
"trust": 0.3
},
"cve": "CVE-2005-2160",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2005-2160",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-13369",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2005-2160",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-2160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200507-061",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-13369",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information. IMail is prone to a information disclosure vulnerability. IMAIL is an email system including WebMail",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2160"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "VULHUB",
"id": "VHN-13369"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-2160",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20050705 IMAIL COOKIE VULNERABILITY (UNHASHED)",
"trust": 0.6
},
{
"db": "BID",
"id": "89792",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-13369",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"id": "VAR-200507-0067",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:36:13.187000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-312",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=112060187204457\u0026w=2"
},
{
"trust": 0.9,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=112060187204457\u0026w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=112060187204457\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-13369"
},
{
"db": "BID",
"id": "89792"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-06T00:00:00",
"db": "VULHUB",
"id": "VHN-13369"
},
{
"date": "2005-07-06T00:00:00",
"db": "BID",
"id": "89792"
},
{
"date": "2005-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"date": "2005-07-06T04:00:00",
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-13369"
},
{
"date": "2005-07-06T00:00:00",
"db": "BID",
"id": "89792"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200507-061"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-2160"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch Imail cookie Information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-061"
}
],
"trust": 0.6
}
}
VAR-200411-0057
Vulnerability from variot - Updated: 2025-04-03 22:35Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. Ipswitch, Inc. of Ipswitch Imail Exists in unspecified vulnerabilities.None. The Ipswitch LDAP daemon has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists due to a lack of sufficient boundary checks performed on user supplied LDAP tags. When attacker-supplied data containing large LDAP tags is processed by the affected service, a stack based buffer overflow condition will be triggered. A remote attacker may exploit this condition to execute arbitrary instructions in the security context of the affected service. Ipswitch IMail server is a WEB-based mail solution. The Ipswitch LDAP daemon does not adequately check user-supplied LDAP tokens. The LDAP message is composed of the length and content of the tag. The following tags 0x02 0x03 0x0A 0x25 0xBD represent integers 665, 501 (0xA25BD). If the length tag provided by the attacker is too long, the data provided by the user will be copied according to the tag length when the program is processed. Lack of sufficient bounds checks, may overwrite the memory address in the stack due to the following assembly specification: .text: 00401188 mov byte ptr [ebp+ecx+var_4], dl Carefully submitted copy data may be executed on the system with LDAP daemon process privileges Arbitrary instructions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200411-0057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 2.7,
"vendor": "ipswitch",
"version": "8.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 2.7,
"vendor": "ipswitch",
"version": "8.0.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": null
},
{
"model": "imail",
"scope": null,
"trust": 0.8,
"vendor": "ipswitch",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Labs\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0297",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0297",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-8727",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0297",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#972334",
"trust": 0.8,
"value": "38.48"
},
{
"author": "NVD",
"id": "CVE-2004-0297",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200411-149",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-8727",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. Ipswitch, Inc. of Ipswitch Imail Exists in unspecified vulnerabilities.None. The Ipswitch LDAP daemon has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists due to a lack of sufficient boundary checks performed on user supplied LDAP tags. When attacker-supplied data containing large LDAP tags is processed by the affected service, a stack based buffer overflow condition will be triggered. A remote attacker may exploit this condition to execute arbitrary instructions in the security context of the affected service. Ipswitch IMail server is a WEB-based mail solution. The Ipswitch LDAP daemon does not adequately check user-supplied LDAP tokens. The LDAP message is composed of the length and content of the tag. The following tags 0x02 0x03 0x0A 0x25 0xBD represent integers 665, 501 (0xA25BD). If the length tag provided by the attacker is too long, the data provided by the user will be copied according to the tag length when the program is processed. Lack of sufficient bounds checks, may overwrite the memory address in the stack due to the following assembly specification: .text: 00401188 mov byte ptr [ebp+ecx+var_4], dl Carefully submitted copy data may be executed on the system with LDAP daemon process privileges Arbitrary instructions",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0297"
},
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "VULHUB",
"id": "VHN-8727"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8727",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8727"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#972334",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2004-0297",
"trust": 3.3
},
{
"db": "BID",
"id": "9682",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "3984",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "10880",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20040217 IPSWITCH IMAIL LDAP DAEMON REMOTE BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "XF",
"id": "15243",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-71326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83017",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "157",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16824",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8727",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"id": "VAR-200411-0057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8727"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:35:00.354000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9682"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/972334"
},
{
"trust": 2.5,
"url": "http://www.idefense.com/application/poi/display?id=74"
},
{
"trust": 1.9,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15243"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im805hf2.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/3984"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=74\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/10880/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0297"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15243"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
},
{
"trust": 0.3,
"url": "/archive/1/354237"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#972334"
},
{
"db": "VULHUB",
"id": "VHN-8727"
},
{
"db": "BID",
"id": "9682"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#972334"
},
{
"date": "2004-11-23T00:00:00",
"db": "VULHUB",
"id": "VHN-8727"
},
{
"date": "2004-02-17T00:00:00",
"db": "BID",
"id": "9682"
},
{
"date": "2024-05-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"date": "2004-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"date": "2004-11-23T05:00:00",
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-03-19T00:00:00",
"db": "CERT/CC",
"id": "VU#972334"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-8727"
},
{
"date": "2004-02-17T00:00:00",
"db": "BID",
"id": "9682"
},
{
"date": "2024-05-31T10:31:00",
"db": "JVNDB",
"id": "JVNDB-2004-000790"
},
{
"date": "2005-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200411-149"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0297"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IMail Server LDAP daemon buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#972334"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200411-149"
}
],
"trust": 0.6
}
}
VAR-200110-0113
Vulnerability from variot - Updated: 2025-04-03 22:30Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. Due to improper bounds checking, the Web Calendaring feature of IMail could allow the execution of arbitrary code with the privileges of SYSTEM. This is achieveable by submitting a specially crafted GET request. Ipswitch IMail 7.04 and earlier versions have a buffer overflow vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0113",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq in a Defcom Labs Advisory def-2001-29 on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1287",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1287",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4092",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1287",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-043",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4092",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. \nDue to improper bounds checking, the Web Calendaring feature of IMail could allow the execution of arbitrary code with the privileges of SYSTEM. This is achieveable by submitting a specially crafted GET request. Ipswitch IMail 7.04 and earlier versions have a buffer overflow vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1287"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "VULHUB",
"id": "VHN-4092"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-4092",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3431",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1287",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011012 DEF-2001-29",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "22458",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76260",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-4092",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"id": "VAR-200110-0113",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:30:57.108000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3431"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0083.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4092"
},
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4092"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3431"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4092"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3431"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-043"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1287"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Web Calender Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "3431"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-043"
}
],
"trust": 0.6
}
}
VAR-200004-0055
Vulnerability from variot - Updated: 2025-04-03 22:27Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. Due to the implementation of IMail's authentication scheme, the server could be remotely forced to stop responding to login requests. If the client fails to terminate the connection, IMail will not be able to authenticate any other users due to the fact that it can only authorize one user at a time. Once the client times out the connection, IMail will regain normal functionality. Otherwise the service will have to be restarted
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200004-0055",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.0"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.8"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq on April 5, 2000 by Anthony Santen \u003canthony@santen.net\u003e.",
"sources": [
{
"db": "BID",
"id": "1094"
}
],
"trust": 0.3
},
"cve": "CVE-2000-0301",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2000-0301",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-1880",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2000-0301",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200004-008",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1880",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. Due to the implementation of IMail\u0027s authentication scheme, the server could be remotely forced to stop responding to login requests. If the client fails to terminate the connection, IMail will not be able to authenticate any other users due to the fact that it can only authorize one user at a time. \nOnce the client times out the connection, IMail will regain normal functionality. Otherwise the service will have to be restarted",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0301"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "VULHUB",
"id": "VHN-1880"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "1094",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2000-0301",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000405 RE: IMAIL (IPSWITCH) DOS WITH EUDORA (QUALCOMM)",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-1880",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"id": "VAR-200004-0055",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:27:29.195000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://support.ipswitch.com/kb/im-20000208-dm02.htm"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/1094"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=95505800117143\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=95505800117143\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1880"
},
{
"db": "BID",
"id": "1094"
},
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-1880"
},
{
"date": "2000-04-06T00:00:00",
"db": "BID",
"id": "1094"
},
{
"date": "2000-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"date": "2000-04-06T04:00:00",
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-1880"
},
{
"date": "2000-04-06T00:00:00",
"db": "BID",
"id": "1094"
},
{
"date": "2010-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200004-008"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2000-0301"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMAIL server Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200004-008"
}
],
"trust": 0.6
}
}
VAR-199902-0016
Vulnerability from variot - Updated: 2025-04-03 22:26IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. Non-administrative Imail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. A security vulnerability exists in IPswitch WS_FTP
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199902-0016",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.1.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.1.e"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.2"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
},
"cve": "CVE-1999-1171",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-1999-1171",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-1152",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1171",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-199902-007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1152",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920. Non-administrative Imail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. A security vulnerability exists in IPswitch WS_FTP",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1171"
},
{
"db": "BID",
"id": "218"
},
{
"db": "VULHUB",
"id": "VHN-1152"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1152",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1171",
"trust": 2.0
},
{
"db": "BID",
"id": "218",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "19167",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1152",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"id": "VAR-199902-0016",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:30.666000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/218"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=ntbugtraq\u0026m=91816507920544\u0026w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=ntbugtraq\u0026amp;m=91816507920544\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1152"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-02-02T00:00:00",
"db": "VULHUB",
"id": "VHN-1152"
},
{
"date": "1999-02-04T00:00:00",
"db": "BID",
"id": "218"
},
{
"date": "1999-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"date": "1999-02-02T05:00:00",
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-1152"
},
{
"date": "2009-07-11T00:16:00",
"db": "BID",
"id": "218"
},
{
"date": "2020-01-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199902-007"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1171"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPswitch WS_FTP Service privilege expansion vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199902-007"
}
],
"trust": 0.6
}
}
VAR-199901-0009
Vulnerability from variot - Updated: 2025-04-03 22:26IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. Non-administrative Imail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. Progress Software IPswitch IMail is an email server of Progress Software Company in the United States. A security vulnerability exists in Progress Software IPswitch IMail
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199901-0009",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "5.0"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 1.0,
"vendor": "progress",
"version": "1.0.1.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.2.e"
},
{
"model": "ws ftp server",
"scope": "eq",
"trust": 0.6,
"vendor": "ipswitch",
"version": "1.0.1.e"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.2"
},
{
"model": "ws ftp server eval",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "1.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
},
"cve": "CVE-1999-1170",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-1999-1170",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-1151",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1170",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-199901-025",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1151",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920. Non-administrative Imail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. Progress Software IPswitch IMail is an email server of Progress Software Company in the United States. A security vulnerability exists in Progress Software IPswitch IMail",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1170"
},
{
"db": "BID",
"id": "218"
},
{
"db": "VULHUB",
"id": "VHN-1151"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1151",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1170",
"trust": 2.0
},
{
"db": "BID",
"id": "218",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "19167",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1151",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"id": "VAR-199901-0009",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:30.642000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Progress Software IPswitch IMail Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=106535"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/218"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=ntbugtraq\u0026m=91816507920544\u0026w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=ntbugtraq\u0026amp;m=91816507920544\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1151"
},
{
"db": "BID",
"id": "218"
},
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-01-02T00:00:00",
"db": "VULHUB",
"id": "VHN-1151"
},
{
"date": "1999-02-04T00:00:00",
"db": "BID",
"id": "218"
},
{
"date": "1999-01-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"date": "1999-01-02T05:00:00",
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-1151"
},
{
"date": "2009-07-11T00:16:00",
"db": "BID",
"id": "218"
},
{
"date": "2020-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199901-025"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1170"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Progress Software IPswitch IMail Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199901-025"
}
],
"trust": 0.6
}
}
VAR-200110-0110
Vulnerability from variot - Updated: 2025-04-03 22:25Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. If the attacker can anticipate a current valid session ID then they will be able to access webmail accounts without possessing a valid username/password. Session IDs are generated using alphanumeric characters. A number of the characters are static
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0110",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1284",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1284",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4089",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1284",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-041",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4089",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. If the attacker can anticipate a current valid session ID then they will be able to access webmail accounts without possessing a valid username/password. \nSession IDs are generated using alphanumeric characters. A number of the characters are static",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1284"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "VULHUB",
"id": "VHN-4089"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3428",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1284",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4089",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"id": "VAR-200110-0110",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:23.020000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3428"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4089"
},
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4089"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3428"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4089"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3428"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-041"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1284"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Predictable Session ID Vulnerability",
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "3428"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-041"
}
],
"trust": 0.9
}
}
VAR-200110-0108
Vulnerability from variot - Updated: 2025-04-03 22:25Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. A vulnerability exists which may remotely disclose sensitive information about the host running IMail Server. The disclosed information may be used to maliciously map out the directory structure of the host, facilitating further "intelligent" attacks on the host
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0108",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1282",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1282",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4087",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1282",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-046",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-4087",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. \nA vulnerability exists which may remotely disclose sensitive information about the host running IMail Server. \nThe disclosed information may be used to maliciously map out the directory structure of the host, facilitating further \"intelligent\" attacks on the host",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1282"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "VULHUB",
"id": "VHN-4087"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3426",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1282",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4087",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"id": "VAR-200110-0108",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.996000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3426"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.asp"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4087"
},
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4087"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3426"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4087"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3426"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-046"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1282"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Path leak vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "3426"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-046"
}
],
"trust": 0.9
}
}
VAR-200110-0112
Vulnerability from variot - Updated: 2025-04-03 22:25Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. A vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. This accomplished using directory traversal techniques while logged into the server with a valid session ID
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0112",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1286",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1286",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4091",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1286",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-044",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4091",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail 7.04 and earlier stores a user\u0027s session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker\u0027s control. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. \nA vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. \nThis accomplished using directory traversal techniques while logged into the server with a valid session ID",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1286"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "VULHUB",
"id": "VHN-4091"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-1286",
"trust": 2.0
},
{
"db": "BID",
"id": "3432",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020310 IMAIL ACCOUNT HIJACK THROUGH THE WEB INTERFACE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4091",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"id": "VAR-200110-0112",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.972000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3432"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/261096"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4091"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4091"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3432"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4091"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3432"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-044"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1286"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail User Mailbox Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-044"
}
],
"trust": 0.6
}
}
VAR-200110-0109
Vulnerability from variot - Updated: 2025-04-03 22:25The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. The IPSwitch IMail Server webmail interface is prone to a denial of service. Theweb interface will crash if a mailbox with a name that contains 248+ dots('.') is accessed. If the webmail interface crashes then it must be restarted to regain normal functionality. CGI scripts that access mailboxes may also induce a denial of service in the same manner. Though it is unconfirmed, this issue may be caused by a buffer overflow. If thisis the case, a possibility does exist that this issue may be exploited to execute arbitrary code on the host. (dot) or other characters, resulting in service denial (crash)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0109",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered and posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1283",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1283",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4088",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1283",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-045",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4088",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP, etc. \nThe IPSwitch IMail Server webmail interface is prone to a denial of service. Theweb interface will crash if a mailbox with a name that contains 248+ dots(\u0027.\u0027) is accessed. If the webmail interface crashes then it must be restarted to regain normal functionality. CGI scripts that access mailboxes may also induce a denial of service in the same manner. \nThough it is unconfirmed, this issue may be caused by a buffer overflow. If thisis the case, a possibility does exist that this issue may be exploited to execute arbitrary code on the host. (dot) or other characters, resulting in service denial (crash)",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1283"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "VULHUB",
"id": "VHN-4088"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-1283",
"trust": 2.0
},
{
"db": "BID",
"id": "3427",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4088",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"id": "VAR-200110-0109",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.946000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3427"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4088"
},
{
"db": "BID",
"id": "3427"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4088"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3427"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4088"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3427"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-045"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1283"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch IMail Server Mailbox Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-045"
}
],
"trust": 0.6
}
}
VAR-200110-0111
Vulnerability from variot - Updated: 2025-04-03 22:25Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. A vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. This accomplished using directory traversal techniques while logged into the server with a valid session ID. Remote attackers use the .
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0111",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "6.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq by Niels Heinen \u003czilli0n@gmx.net\u003e on Oct 12, 2001.",
"sources": [
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1285",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1285",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-4090",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1285",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-042",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-4090",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. Ipswitch IMail is an email server that serves clients their mail via a web interface. IMail supports most common email protocols such as SMTP, POP3, IMAP4, and LDAP etc. \nA vulnerability exists in IMail which could enable an authenticated user to view the mailbox of another IMail user. \nThis accomplished using directory traversal techniques while logged into the server with a valid session ID. Remote attackers use the .",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1285"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "VULHUB",
"id": "VHN-4090"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-1285",
"trust": 2.0
},
{
"db": "BID",
"id": "3432",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20011011 IPSWITCH IMAIL 7.04 VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4090",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"id": "VAR-200110-0111",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:25:22.921000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3432"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html"
},
{
"trust": 1.7,
"url": "http://www.ipswitch.com/support/imail/news.html"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/imail_server/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4090"
},
{
"db": "BID",
"id": "3432"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-4090"
},
{
"date": "2001-10-12T00:00:00",
"db": "BID",
"id": "3432"
},
{
"date": "2001-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"date": "2001-10-12T04:00:00",
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4090"
},
{
"date": "2009-07-11T09:06:00",
"db": "BID",
"id": "3432"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-042"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1285"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "pswitch Imail User Mailbox Disclosure Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200110-042"
}
],
"trust": 0.6
}
}
VAR-200210-0230
Vulnerability from variot - Updated: 2025-04-03 22:24IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. It has been reported that such a transaction with the service results in a crash of the iwebcal service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0230",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability discovery credited to \u003c2c79cbe14ac7d0b8472d3f129fa1df55@hush.com\u003e.",
"sources": [
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.9
},
"cve": "CVE-2002-1077",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1077",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5465",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1077",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-198",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5465",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. It has been reported that such a transaction with the service results in a crash of the iwebcal service",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1077"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "VULHUB",
"id": "VHN-5465"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5465",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5365",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1077",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198",
"trust": 0.7
},
{
"db": "XF",
"id": "9722",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020730 IPSWITCH IMAIL ADVISORY #2",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21673",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75496",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5465",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"id": "VAR-200210-0230",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:24:11.482000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5365"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0399.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9722.php"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/support/imail/patch-upgrades.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5465"
},
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-04T00:00:00",
"db": "VULHUB",
"id": "VHN-5465"
},
{
"date": "2002-07-30T00:00:00",
"db": "BID",
"id": "5365"
},
{
"date": "2002-10-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"date": "2002-10-04T04:00:00",
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5465"
},
{
"date": "2009-07-11T14:56:00",
"db": "BID",
"id": "5365"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-198"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1077"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail Web Calendar Incomplete Mail Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "5365"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-198"
}
],
"trust": 0.9
}
}
VAR-200210-0229
Vulnerability from variot - Updated: 2025-04-03 22:22Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. The web messaging server is vulnerable to a buffer overflow. When the server receives a request for HTTP version 1.0, and the total request is 96 bytes or greater, a buffer overflow occurs. This could result in the execution of attacker-supplied instructions, and potentially allow an attacker to gain local access. ** Ipswitch has reported they are unable to reproduce this issue. In addition, Ipswitch has stated that the supplied, third party patch may in fact open additional vulnerabilities in the product. Ipswitch suggests that users do not apply the supplied patch. IMail's Web Messaging daemon lacks proper checks for parameters when processing HTTP/1.0 GET requests. Remote attackers can exploit this vulnerability to perform buffer overflow attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0229",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.7"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.6"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.5"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "7.0.1"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.4"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.9,
"vendor": "ipswitch",
"version": "6.3"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.2"
},
{
"model": "imail",
"scope": "eq",
"trust": 1.3,
"vendor": "ipswitch",
"version": "6.1"
},
{
"model": "imail",
"scope": "ne",
"trust": 0.3,
"vendor": "ipswitch",
"version": "7.12"
}
],
"sources": [
{
"db": "BID",
"id": "5323"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "2c79cbe14ac7d0b8472d3f129fa1df\u203b c79cbe14ac7d0b8472d3f129fa1df55@yahoo.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1076",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1076",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-5464",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1076",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-145",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-5464",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. \nThe web messaging server is vulnerable to a buffer overflow. When the server receives a request for HTTP version 1.0, and the total request is 96 bytes or greater, a buffer overflow occurs. This could result in the execution of attacker-supplied instructions, and potentially allow an attacker to gain local access. \n** Ipswitch has reported they are unable to reproduce this issue. In addition, Ipswitch has stated that the supplied, third party patch may in fact open additional vulnerabilities in the product. Ipswitch suggests that users do not apply the supplied patch. IMail\u0027s Web Messaging daemon lacks proper checks for parameters when processing HTTP/1.0 GET requests. Remote attackers can exploit this vulnerability to perform buffer overflow attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1076"
},
{
"db": "BID",
"id": "5323"
},
{
"db": "VULHUB",
"id": "VHN-5464"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5464",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5323",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1076",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20020725 IPSWITCH IMAIL ADVISORY/EXPLOIT/PATCH",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020729 HOAX EXPLOIT",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020729 RE: HOAX EXPLOIT (2C79CBE14AC7D0B8472D3F129FA1DF55 RETURNS)",
"trust": 0.6
},
{
"db": "XF",
"id": "9679",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75478",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21654",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5464",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "BID",
"id": "5323"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"id": "VAR-200210-0229",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:22:03.686000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5323"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0326.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0363.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0368.html"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20020729-dm01.htm"
},
{
"trust": 1.7,
"url": "http://support.ipswitch.com/kb/im-20020731-dm02.htm"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9679.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5464"
},
{
"db": "BID",
"id": "5323"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-04T00:00:00",
"db": "VULHUB",
"id": "VHN-5464"
},
{
"date": "2002-07-26T00:00:00",
"db": "BID",
"id": "5323"
},
{
"date": "2002-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"date": "2002-10-04T04:00:00",
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5464"
},
{
"date": "2002-07-26T00:00:00",
"db": "BID",
"id": "5323"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-145"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSwitch IMail Web Messaging Daemon HTTP GET Remote buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-145"
}
],
"trust": 0.6
}
}