[SA19168] Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability

TITLE: Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability SECUNIA ADVISORY ID: SA19168 VERIFY ADVISORY: http://secunia.com/advisories/19168/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: IMail Secure Server 2006 http://secunia.com/product/8651/ IMail Server 2006...

Design/Logic Flaw

NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service CPU consumption via crafted requests to Login.asp, possibly involving the 1 "In" and 2 "b;tnLogIn" parameters, or 3 malformed btnLogIn parameters, possibly involving missing "" open bracket or...

CVE-2006-0911

NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service CPU consumption via crafted requests to Login.asp, possibly involving the 1 "In" and 2 "b;tnLogIn" parameters, or 3 malformed btnLogIn parameters, possibly involving missing "" open bracket or...

CVE-2006-0911

NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service CPU consumption via crafted requests to Login.asp, possibly involving the 1 "In" and 2 "b;tnLogIn" parameters, or 3 malformed btnLogIn parameters, possibly involving missing "" open bracket or...

CVE-2006-0911

CVE-2006-0911 affects Ipswitch WhatsUp Professional 2006. The vulnerable component is NmService.exe handling requests to Login.asp. The underlying issue is triggered by crafted requests that use the parameters (1) "In]" and (2) "b;tnLogIn", or (3) malformed btnLogIn, potentially involving missing...

ipswitch_dos.txt

Synopsis: IPSwitch WhatsUp Professional 2006 DoS Flaw Product: IPSwitch WhatsUp http://www.ipswitch.com Version: Confirmed on WhatsUp Professional 2006 Author: Josh Zlatin-Amishav Date: February 22, 2006 Background: WhatsUp Professional 2006 is application and network management that keeps your...

IPSwitch WhatsUp network managment application DoS

Malformed requests to Web interface lead to CPU exhaustion...

IpSwitch WhatsUp Professional 2006 DoS

Synopsis: IPSwitch WhatsUp Professional 2006 DoS Flaw Product: IPSwitch WhatsUp http://www.ipswitch.com Version: Confirmed on WhatsUp Professional 2006 Author: Josh Zlatin-Amishav Date: February 22, 2006 Background: WhatsUp Professional 2006 is application and network management that keeps your...

Ipswitch WhatsUp Professional 2006 - Remote Denial of Service

source: https://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET requests. This issue allows remote attackers to consume excessive...

Ipswitch WhatsUp Professional 2006 - Remote Denial of Service

Ipswitch WhatsUp Professional 2006 - Remote Denial of Service source: https://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET...

CVE-2005-1939

Ipswitch WhatsUp Small Business (2004) has a directory traversal vulnerability in the Report service (TCP 8022). The issue stems from insufficient sanitization of HTTP requests, allowing an unauthenticated user to read arbitrary files on the target host by crafting requests with .. sequences. The...

CVE-2005-1939

Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to read arbitrary files via ".." dot dot sequences in a request to the Report service TCP 8022...

IMail IMAP LOGIN special character vulnerability

Added: 01/04/2006 CVE: CVE-2005-1255 BID: 13727 OSVDB: 16804 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring. Problem A remote attacker could execute arbitrary commands by sending a long specially crafte...

IMail IMAP LOGIN special character vulnerability

Added: 01/04/2006 CVE: CVE-2005-1255 BID: 13727 OSVDB: 16804 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring. Problem A remote attacker could execute arbitrary commands by sending a long specially crafte...

CVE-2005-3526

Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command...

CVE-2005-1939

Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to read arbitrary files via ".." dot dot sequences in a request to the Report service TCP 8022...

Ipswitch Collaboration Suite / IMail SMTPD Multiple Commands Format String

The remote host is running Ipswitch Collaboration Suite or IMail Server, commercial messaging and collaboration suites for Windows. The version of Ipswitch Collaboration Suite / IMail server installed on the remote host contains an SMTP server that suffers from a format string flaw. By supplying ...

[Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability

Ipswitch Collaboration Suite SMTP Format String Vulnerability iDEFENSE Security Advisory 12.06.05 www.idefense.com/application/poi/display?id=346&type=vulnerabilities December 6, 2005 I. BACKGROUND Ipswitch Collaboration Suite provides e-mail and real-time collaboration, calendar and contact list...

IPSwitch Imail mail server DoS

Uninitialized memory access on oversized IMAP LIST command argument...

[Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch IMail IMAP List Command DoS Vulnerability

Ipswitch IMail IMAP List Command DoS Vulnerability iDEFENSE Security Advisory 12.06.05 www.idefense.com/application/poi/display?id=347&type=vulnerabilities December 6, 2005 I. BACKGROUND Ipswitch Imail Server is an email server that is part of the IpSwitch Collaboration suit. Imail Supports POP3,...