Vulnerabilities > Ipswitch > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-21 | CVE-2007-3925 | Buffer Errors vulnerability in Ipswitch Imail Server and Ipswitch Collaboration Suite Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command. | 6.5 |
| 2007-02-02 | CVE-2007-0666 | Remote Security vulnerability in Ipswitch WS FTP Server 5.04 Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module. network ipswitch | 6.8 |
| 2007-02-02 | CVE-2007-0665 | Unspecified vulnerability in Ipswitch WS FTP PRO 2007 Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command. network ipswitch | 6.8 |
| 2006-07-13 | CVE-2006-3552 | Remote Security vulnerability in Ipswitch products Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission. | 6.4 |
| 2006-05-15 | CVE-2006-2357 | Remote Security vulnerability in Ipswitch Whatsup Professional 2006/2006Premium Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp. | 5.0 |
| 2006-05-15 | CVE-2006-2356 | Information Exposure vulnerability in Ipswitch Whatsup Professional 2006 NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain sensitive information about network nodes via a modified nDeviceGroupID parameter. | 5.0 |
| 2006-05-15 | CVE-2006-2355 | Remote Security vulnerability in Ipswitch Whatsup Professional 2006/2006Premium Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote attackers to obtain full path information via 404 error messages. | 5.0 |
| 2006-05-15 | CVE-2006-2354 | Remote Security vulnerability in Ipswitch Whatsup Professional 2006/2006Premium NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. | 5.0 |
| 2006-05-15 | CVE-2006-2353 | Permissions, Privileges, and Access Controls vulnerability in Ipswitch Whatsup Professional 2006/2006Premium NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters. | 5.0 |
| 2006-05-15 | CVE-2006-2352 | Cross-Site Scripting vulnerability in Ipswitch Whatsup Professional 2006/2006Premium Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. network ipswitch | 4.3 |