Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1255

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-1255
Last Modified 15 Nov 2008 12:46:12
Published 25 May 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1255

Summary

Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character.

Vulnerable Systems

Application

  • Ipswitch Collaboration Suite

  • Ipswitch Imail 8.12

  • Ipswitch Imail 8.13

  • Ipswitch Imail Server 8.2 Hotfix 2


References

CONFIRM - http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html

BID - 13727

IDEFENSE - 20050524 Ipswitch IMail IMAP LOGIN Remote Buffer Overflow Vulnerabilities

SECTRACK - 1014047


Last Updated: 27 May 2016 10:40:06