Vulnerabilities > CVE-2000-0056 - Unspecified vulnerability in Ipswitch Imail 5.0.8/6.0/6.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ipswitch

nessus

exploit available

NVD

Published: 2000-01-05

Updated: 2008-09-10

Summary

IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.

Vulnerable Configurations

Part	Description	Count
Application	Ipswitch Ipswitch Imail 5.0.8 Ipswitch Imail 6.1 Ipswitch Imail 6.0	3

Exploit-Db

description	Ipswitch IMail 5.0.8/6.0/6.1 IMonitor status.cgi DoS Vulnerability. CVE-2000-0056. Dos exploit for windows platform
id	EDB-ID:19711
last seen	2016-02-02
modified	2000-01-05
published	2000-01-05
reporter	Ussr Labs
source	https://www.exploit-db.com/download/19711/
title	Ipswitch IMail 5.0.8/6.0/6.1 IMonitor status.cgi DoS Vulnerability

Nessus

NASL family	Gain a shell remotely
NASL id	IMAIL_IMONITOR_OVERFLOW.NASL
description	The remote host appears to be running IMail IMAP server.The installed version is reportedly affected by a buffer overflow vulnerability in the IMonitor. An attacker could exploit this flaw in order to cause a denial of service or potentially execute arbitrary code subject to the privileges of the affected service.
last seen	2020-06-01
modified	2020-06-02
plugin id	10124
published	1999-06-22
reporter	This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10124
title	IMail IMonitor Service Remote Overflow
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(10124); script_version("1.41"); script_cvs_date("Date: 2018/11/15 20:50:22"); script_cve_id("CVE-1999-1046", "CVE-2000-0056"); script_bugtraq_id(502, 504, 506, 914); script_name(english:"IMail IMonitor Service Remote Overflow"); script_summary(english:"IMail's IMonitor buffer overflow."); script_set_attribute(attribute:"synopsis", value: "The remote IMAP server is affected by a buffer overflow vulnerability."); script_set_attribute(attribute:"description", value: "The remote host appears to be running IMail IMAP server.The installed version is reportedly affected by a buffer overflow vulnerability in the IMonitor. An attacker could exploit this flaw in order to cause a denial of service or potentially execute arbitrary code subject to the privileges of the affected service."); script_set_attribute(attribute:"see_also", value:"https://marc.info/?l=bugtraq&m=92038879607336&w=2"); script_set_attribute(attribute:"solution", value: "There is no known solution at this time."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_publication_date", value:"1999/06/22"); script_set_attribute(attribute:"vuln_publication_date", value:"1999/03/01"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 1999-2018 Tenable Network Security, Inc."); script_family(english:"Gain a shell remotely"); script_require_ports("Services/imonitor", 8181); script_dependencies("find_service1.nasl", "http_version.nasl"); exit(0); } # # The script code starts here # include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_service(svc:"imonitor", default:8181, exit_on_fail:TRUE); banner = get_http_banner(port:port, exit_on_fail:TRUE); if(egrep(pattern:"^Server: IMail_Monitor/([0-5]\.\|6\.[01][^0-9])", string:banner)) security_hole(port);

References

http://www.securityfocus.com/bid/914