Vulnerabilities > CVE-2005-1249 - Multiple vulnerability in Ipswitch IMail Server

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
ipswitch
NVD
Published: 2005-05-25
Updated: 2008-11-15

Summary

The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.

Vulnerable Configurations

Part Description Count
Application
Ipswitch
1

Saint

  • bid13727
    descriptionIMail IMAP STATUS buffer overflow
    idmail_imap_imail
    osvdb16806
    titleimail_imap_status
    typeremote
  • bid13727
    descriptionIMail IMAP LOGIN special character vulnerability
    idmail_imap_imail
    osvdb16804
    titleimail_imap_login_specialchar
    typeremote

References