Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0945

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2008-0945
Last Modified 05 Sep 2008 05:36:24
Published 25 Feb 2008 04:44:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2008-0945

Summary

Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.

Vulnerable Systems

Application

  • Ipswitch Imserver 2.0.8.1

  • Ipswitch Instant Messaging 2.0.8.1


References

BID - 27677

BUGTRAQ - 20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1

SECUNIA - 28824

MISC - http://aluigi.org/poc/ipsimene.zip

MISC - http://aluigi.altervista.org/adv/ipsimene-adv.txt

SREASON - 3697


Last Updated: 27 May 2016 10:46:58