Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1256

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-1256
Last Modified 15 Nov 2008 12:46:12
Published 25 May 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1256

Summary

Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.

Vulnerable Systems

Application

  • Ipswitch Collaboration Suite

  • Ipswitch Imail 8.13

  • Ipswitch Imail Server 8.2 Hotfix 2


References

CONFIRM - http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html

BID - 13727

IDEFENSE - 20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability

SECTRACK - 1014047


Last Updated: 27 May 2016 10:40:06