CVE-2004-2422

CVE-2004-2422 affects Ipswitch IMail Server prior to 8.13. The vulnerability is a denial of service via malformed input: a long sender field to the Queue Manager or a long To field to the Web Messaging component. OpenVAS notes this version includes multiple buffer overflows in the IMail web inter...

CVE-2004-2423

CVE-2004-2423 affects Ipswitch IMail Server web calendar component prior to 8.13. Reports in multiple sources (NVD, CVE lists, OpenVAS) describe a denial-of-service via specific content, with OpenVAS noting multiple buffer overflows in the IMail web interface. The vulnerability is triggered remot...

CVE-2004-2401

Stack-based buffer overflow in Ipswitch IMail Express Web Messaging before 8.05 might allow remote attackers to execute arbitrary code via an HTML message with long "tag text."...

CVE-2004-2401

CVE-2004-2401 affects Ipswitch IMail Express Web Messaging prior to version 8.05. The issue is a stack-based buffer overflow triggered by an HTML message containing long "tag text", which could allow remote attackers to execute arbitrary code. The NVD entry lists a base score of 7.5 (High) with n...

iDEFENSE Security Advisory 2005-05-24.4

Ipswitch IMail Web Calendaring Arbitrary File Read Vulnerability iDEFENSE Security Advisory 05.24.05 www.idefense.com/application/poi/display?id=242&type=vulnerabilities May 24, 2005 I. BACKGROUND Ipswitch Collaboration Suite ICS is a comprehensive communication and collaboration solution for...

IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit

Exploit for linux platform in category remote exploits ======================================================= IPSwitch IMail Server = 8.15 IMAPD Remote Root Exploit ======================================================= IpSwitch IMAIL Server IMAPD Remote r00t Exploit by kcope June 2005...

IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution

IpSwitch IMAIL Server IMAPD Remote r00t Exploit by kcope June 2005 Confidential! use IO::Socket; 316 bytes $cbsc = "\xEB\x10\x5B\x4B\x33\xC9\x66\xB9\x25\x01\x80\x34\x0B\xC2\xE2\xFA" ."\xEB\x05\xE8\xEB\xFF\xFF\xFF" ."\x2B\x39\xC2\xC2\xC2\x9D\xA6\x63\xF2\xC2\xC2\xC2\x49\x82\xCE\x49"...

IPSwitch IMail Server &lt;= 8.15 IMAPD Remote Root Exploit

No description provided by source. IpSwitch IMAIL Server IMAPD Remote r00t Exploit by kcope June 2005 Confidential! use IO::Socket; 316 bytes $cbsc = "\xEB\x10\x5B\x4B\x33\xC9\x66\xB9\x25\x01\x80\x34\x0B\xC2\xE2\xFA" ."\xEB\x05\xE8\xEB\xFF\xFF\xFF"...

IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution

IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution IpSwitch IMAIL Server IMAPD Remote r00t Exploit by kcope June 2005 Confidential! use IO::Socket; 316 bytes $cbsc = "\xEB\x10\x5B\x4B\x33\xC9\x66\xB9\x25\x01\x80\x34\x0B\xC2\xE2\xFA" ."\xEB\x05\xE8\xEB\xFF\xFF\xFF"...

IpSwitch WhatsUp < 2005 SP 1A Login.asp Multiple Parameter SQL Injection

Binary data 3027.prm...

Ipswitch WhatsUp Professional Login.asp Multiple Field SQL Injection

The remote host is running Ipswitch WhatsUp Professional, a network management and monitoring package. The web front-end for WhatsUp Professional on the remote host is prone to a SQL injection attack because it fails to sanitize the 'sUserName' and 'sPassword' parameters in the 'Login.asp' script...

IpSwitch WhatsUp network management solution SQL injection

SQL injection during Web interface authentication process...

CVE-2005-1250

The CVE-2005-1250 entry describes a SQL injection in Ipswitch WhatsUp Professional 2005 SP1, targeting the web front end (NmConsole/Login.asp). The vulnerability allows remote attackers to submit crafted input in the User Name (sUserName) or Password (sPassword) fields, potentially yielding arbit...

CVE-2005-1250

SQL injection vulnerability in the logon screen of the web front end NmConsole/Login.asp for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the 1 User Name field sUserName parameter or 2 Password sPassword parameter...

CVE-2005-1250

SQL injection vulnerability in the logon screen of the web front end NmConsole/Login.asp for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the 1 User Name field sUserName parameter or 2 Password sPassword parameter...

Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection

Ipswitch WhatsUp Professional 2005 SP1 - login.asp SQL Injection source: https://www.securityfocus.com/bid/14039/info WhatsUp Professional is prone to an SQL injection vulnerability affecting its Web-based front end. This issue is due to a failure in the application to properly sanitize...

KLA10228 ACE vulnerability in WhatsUp Professional

An SQL injection vulnerability was found in WhatsUp Professional. By exploiting this vulnerability malicious users can execute arbitrary SQL commands. This vulnerability can be exploited remotely at points related to the logon screen. Original advisories - Related products...

Ipswitch WhatsUp Professional 2005 SP1 - &#039;login.asp&#039; SQL Injection

source: https://www.securityfocus.com/bid/14039/info WhatsUp Professional is prone to an SQL injection vulnerability affecting its Web-based front end. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL...

IPSwitch IMAP Server LOGON Remote Stack Overflow

No description provided by source. / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because of Windows SEH...

Immunity Canvas: ZEN

Name| zen ---|--- CVE| CVE-2005-1255 Exploit Pack| CANVAS Description| imailimap Notes| CVE Name: CVE-2005-1255 VENDOR: IPSwitch VersionsAffected: IMail 8.13 Repeatability: This is a one shot exploit. CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1255 CVSS: 10.0...