Vulnerabilities > CVE-2004-2422 - Buffer Overflow Denial Of Service vulnerability in Ipswitch IMail Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component.
Vulnerable Configurations
Nessus
NASL family | Windows |
NASL id | IPSWITCH_IMAIL_BO.NASL |
description | The remote host is running IMail web interface. This version contains multiple buffer overflows. An attacker could use these flaws to remotely crash the service accepting requests from users, or possibly execute arbitrary code. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14684 |
published | 2004-09-08 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/14684 |
title | Ipswitch IMail Server < 8.13 Multiple Remote DoS |
code |
|
References
- http://secunia.com/advisories/12453
- http://securitytracker.com/id?1011146
- http://support.ipswitch.com/kb/IM-20040902-DM01.htm#FIXES
- http://www.osvdb.org/9552
- http://www.osvdb.org/9554
- http://www.securityfocus.com/bid/11106
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17219
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17222