Vulnerabilities > CVE-2005-1254 - Multiple vulnerability in Ipswitch IMail Server

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

ipswitch

NVD

Published: 2005-05-25

Updated: 2008-11-15

Summary

Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (crash) via a SELECT command with a large argument.

Vulnerable Configurations

Part	Description	Count
Application	Ipswitch Ipswitch Imail 8.12 Ipswitch Imail 8.13 Ipswitch Imail 5.0 Ipswitch Imail 5.0.5 Ipswitch Imail 5.0.6 Ipswitch Imail 5.0.7 Ipswitch Imail 5.0.8 Ipswitch Imail 6.0 Ipswitch Imail 6.00 Ipswitch Imail 6.0.1 Ipswitch Imail 6.0.2 Ipswitch Imail 6.0.3 Ipswitch Imail 6.0.4 Ipswitch Imail 6.0.5 Ipswitch Imail 6.0.6 Ipswitch Imail 6.1 Ipswitch Imail 6.2 Ipswitch Imail 6.3 Ipswitch Imail 6.4 Ipswitch Imail 6.06 Ipswitch Imail 7.0.1 Ipswitch Imail 7.0.2 Ipswitch Imail 7.0.3 Ipswitch Imail 7.0.4 Ipswitch Imail 7.0.5 Ipswitch Imail 7.0.6 Ipswitch Imail 7.0.7 Ipswitch Imail 7.1 Ipswitch Imail 7.12 Ipswitch Imail 8.0.3 Ipswitch Imail 8.0.5 Ipswitch Imail 8.01 Ipswitch Imail 8.1 Ipswitch Imail 8.11 Ipswitch Imail 8.22 Ipswitch Imail 10 Ipswitch Imail 10.01 Ipswitch Imail 10.02 Ipswitch Imail 11 Ipswitch Imail 11.01 Ipswitch Imail 11.02 Ipswitch Imail 11.03 Ipswitch Imail 2006 Ipswitch Imail 2006.1 Ipswitch Imail 2006.2	45

Saint

bid 13727
description IMail IMAP STATUS buffer overflow
id mail_imap_imail
osvdb 16806
title imail_imap_status
type remote
bid 13727
description IMail IMAP LOGIN special character vulnerability
id mail_imap_imail
osvdb 16804
title imail_imap_login_specialchar
type remote

bid	13727
description	IMail IMAP STATUS buffer overflow
id	mail_imap_imail
osvdb	16806
title	imail_imap_status
type	remote

Summary

Vulnerable Configurations

Saint

References