CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
96.7%
Added: 01/04/2006
CVE: CVE-2005-1255
BID: 13727
OSVDB: 16804
IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring.
A remote attacker could execute arbitrary commands by sending a long specially crafted **LOGIN**
command starting with a special character. The attacker would not need to have knowledge of a valid account name and password in order to exploit this vulnerability.
Install the IMail Server 8.02 Patch.
[http://www.idefense.com/intelligence/vulnerabilities/display.php?id=243&type=vulnerabilities ](<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=243&type=vulnerabilities
>)
Exploit works against Ipswitch Collaboration Suite 2.0.
Windows 2000
Windows XP