Imail@5.0.8 Security Vulnerabilities and Issues — Imail@5.0.8 CVE List

Lucene search

IpswitchImail5.0.8

7 matches found

CVE•added 2011/03/16 10:55 p.m.•77 views

CVE-2011-1430

The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plai...

6.8CVSS6.7AI score0.6945EPSS

CVE•added 2000/10/13 4:0 a.m.•43 views

CVE-2000-0301

Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command.

5CVSS7AI score0.01554EPSS

CVE•added 2005/08/18 4:0 a.m.•39 views

CVE-2004-2422

Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component.

5CVSS6.7AI score0.00337EPSS

CVE•added 2001/09/12 4:0 a.m.•37 views

CVE-1999-1497

Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.

7.2CVSS6.7AI score0.00215EPSS

CVE•added 2003/04/02 5:0 a.m.•36 views

CVE-2002-0777

Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.

10CVSS8.3AI score0.42289EPSS

CVE•added 2000/10/13 4:0 a.m.•35 views

CVE-2000-0056

IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.

5CVSS6.6AI score0.01134EPSS

CVE•added 2005/08/18 4:0 a.m.•33 views

CVE-2004-2423

Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content."

5CVSS6.6AI score0.00587EPSS