Vulnerabilities > Ipswitch > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-17 | CVE-2007-3823 | Denial-Of-Service vulnerability in Ipswitch WS FTP 7.5.29.0 The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp. | 7.8 |
| 2007-04-24 | CVE-2007-2213 | Remote Denial of Service vulnerability in Ipswitch WS FTP 2007 Unspecified vulnerability in the Initialize function in NetscapeFTPHandler in WS_FTP Home and Professional 2007 allows remote attackers to cause a denial of service (NULL dereference and application crash) via unspecified vectors related to "improper arguments." | 7.8 |
| 2007-01-18 | CVE-2007-0330 | Local Memory Corruption vulnerability in Ipswitch WS FTP PRO 2007 Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors. | 7.5 |
| 2006-09-25 | CVE-2006-4974 | Remote Buffer Overflow vulnerability in Ipswitch WS FTP Server 5.08Limitededition Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command. | 7.5 |
| 2006-09-08 | CVE-2006-4379 | Stack Overflow vulnerability in Ipswitch products Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character. | 7.5 |
| 2006-05-22 | CVE-2006-2531 | Authentication Bypass vulnerability in Ipswitch Whatsup Professional2006 Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole". | 7.5 |
| 2005-12-07 | CVE-2005-2931 | Remote Format String vulnerability in Ipswitch Imail Server and Ipswitch Collaboration Suite Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands. | 7.5 |
| 2005-07-06 | CVE-2005-2160 | Cleartext Storage of Sensitive Information vulnerability in Ipswitch Imail 2006 IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information. | 7.5 |
| 2005-06-22 | CVE-2005-1250 | Unspecified vulnerability in Ipswitch Whatsup Professional2005Sp1 SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the (1) User Name field (sUserName parameter) or (2) Password (sPassword parameter). | 7.5 |
| 2005-05-02 | CVE-2005-0707 | Buffer Overflow vulnerability in Ipswitch Collaboration Suite IMail Server IMAP EXAMINE Argument Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. | 7.2 |