1010 matches found
CVE-2007-4555
Cross-site scripting XSS vulnerability in Ipswitch WSFTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to creat...
Cross site scripting
Cross-site scripting XSS vulnerability in Ipswitch WSFTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to creat...
CVE-2007-4555
CVE-2007-4555 describes a cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP's administration interface. The issue occurs when arguments to a valid command are not properly sanitized and are displayed by the view log option, enabling an attacker to inject arbitrary web script or HTML. Th...
CVE-2007-4555
Cross-site scripting XSS vulnerability in Ipswitch WSFTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to creat...
Ipswitch WS_FTP服务器远程脚本注入漏洞
WSFTP是一个Winsock协议下标准的FTP客户端工具。 WSFTP处理日志中可能出现的HTML代码时存在漏洞,远程攻击者可能利用此漏洞执行跨站脚本攻击。 WSFTP服务器记录客户端FTP命令时存在跨站脚本漏洞。如果客户端的FTP命令无效(error)的话,服务器就会将特殊的字符转换成HTML字符( = , = )并记录,但如果FTP命令有效的话就不会执行任何过滤检查,因此可能向日志文件中注入HTML和Javascript。WSFTP管理界面中有一个查看日志选项,在查看日志时就可以利用上述漏洞窃取管理员cookie,或直接创建FTP服务器的新用户帐号。 Ipswitch WSFTP...
Ipswitch IMail Server SEARCH命令远程缓冲区溢出漏洞
BUGTRAQ ID: 25176 Ipswitch IMail Server是Ipswitch协作组件中捆绑的一个邮件服务器。 IMail服务器处理SEARCH命令请求的参数时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 IMail服务器在处理SEARCH命令的多个选项(BEFORE,ON,SINCE,SENTBEFORE,SENTON,SENTSINCE)时存在栈缓冲区溢出问题,远程攻击者可以通过提交畸形超长的SEARCH请求触发溢出,导致执行任意指令。 Ipswitch IMail Premium 2006.2 Ipswitch IMail 2006.21...
Ipswitch IMail IMAP SUBSCRIBE command buffer overflow
Added: 08/02/2007 CVE: CVE-2007-3927 BID: 24962 OSVDB: 36222 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SUBSCRIBE command...
Ipswitch IMail IMAP SUBSCRIBE command buffer overflow
Added: 08/02/2007 CVE: CVE-2007-3927 BID: 24962 OSVDB: 36222 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SUBSCRIBE command...
Ipswitch IMail IMAP SUBSCRIBE command buffer overflow
Added: 08/02/2007 CVE: CVE-2007-3927 BID: 24962 OSVDB: 36222 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SUBSCRIBE command...
Ipswitch IMail IMAP SUBSCRIBE command buffer overflow
Added: 08/02/2007 CVE: CVE-2007-3927 BID: 24962 OSVDB: 36222 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SUBSCRIBE command...
Preemptive Protection against Ipswitch IMail Server IMAP SEARCH Command Buffer Overflow Vulnerability
A buffer overflow vulnerability exists in Ipswitch IMail Server IMAP component. Ipswitch IMail server is a messaging service suite that supports numerous mail exchanging protocols, including the Internet Message Access Protocol IMAP. IMAP is a standard protocol for accessing e-mail from a local...
Preemptive Protection against Ipswitch IMail Server IMAP SUBSCRIBE Command Buffer Overflow Vulnerability
A buffer overflow vulnerability exists in Ipswitch IMail Server IMAP component. Ipswitch IMail server is a messaging service suite that supports numerous mail exchanging protocols, including the Internet Message Access Protocol IMAP. IMAP is a standard protocol for accessing e-mail from a local...
Preemptive Protection against Ipswitch IMail Server LOGIN Command Buffer Overflow Vulnerability
A buffer overflow vulnerability exists in Ipswitch IMail Server IMAP component. Ipswitch IMail server is a messaging service suite that supports numerous mail exchanging protocols, including the Internet Message Access Protocol IMAP. IMAP is a standard protocol for accessing e-mail from a local...
Ipswitch IMail IMAP SEARCH Buffer Overflow
This module exploits a stack buffer overflow in Ipswitch IMail Server 2006.1 IMAP SEARCH verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution. In order for this module to be successful, the IMAP user must have at least one message. This module...
IPSwitch IMail Server 2006 9.10 SUBSCRIBE Remote Overflow Exploit
No description provided by source. !/use/bin/perl Test on Imail 20069.10, imap4d32.exe6.8.8.1, windows 2003 Chinese SP1 Code by yunshu, our team: www.ph4nt0m.org Mail list: http://list.ph4nt0m.org F:perl imailSUBSCRIBE.pl 192.168.1.2 testuser testpass OK IMAP4 Server IMail 9.10 0 OK LOGIN complet...
Ipswitch IMail Server IMAP SEARCH buffer overflow
Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...
Ipswitch IMail Server IMAP SEARCH buffer overflow
Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...
Ipswitch IMail Server IMAP SEARCH buffer overflow
Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...
Ipswitch IMail Server IMAP SEARCH buffer overflow
Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...
IPSwitch IMail Server 2006 9.10 - Subscribe Remote Overflow
!/use/bin/perl Test on Imail 20069.10, imap4d32.exe6.8.8.1, windows 2003 Chinese SP1 Code by yunshu, our team: www.ph4nt0m.org Mail list: http://list.ph4nt0m.org F:\perl imailSUBSCRIBE.pl 192.168.1.2 testuser testpass OK IMAP4 Server IMail 9.10 0 OK LOGIN completed FLAGS \Answered \Flagged \Delet...