13 matches found
CVE-2007-1637
CVE-2007-1637 affects Ipswitch IMail Server prior to 2006.2. Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) allow remote code execution via the IMailServer, IMailLDAPService, and IMailUserCollection components (WebConnect/Connect, Sync3/Init3, and SetReplyTo members)....
CVE-2006-4379
CVE-2006-4379 affects Ipswitch IMail Server (and related Ipswitch products) where the SMTP daemon is vulnerable to a stack-based buffer overflow via a long RCPT TO argument (between @ and :) that allows remote code execution. Public material across advisories and exploit references notes the issu...
CVE-2007-3925
Ipswitch IMail Server 2006.x (IMAP service, imapd32.exe) contains multiple buffer overflows in the IMAP SEARCH and SEARCH CHARSET commands. The issue affects 2006.1 up to before 2006.21, enabling a remote authenticated attacker to execute arbitrary code by sending specially crafted commands. The ...
CVE-2005-1255
CVE-2005-1255 refers to multiple stack-based buffer overflows in the IMail IMAP server (Ipswitch Collaboration Suite and related IMail Server versions). The vulnerability allows a remote attacker to cause arbitrary code execution by sending a crafted LOGIN command with an overly long username arg...
CVE-2005-0707
Ipswitch Collaboration Suite's IMAP server (IMAP4d32.exe) is affected by a buffer overflow in the IMAP EXAMINE handler, allowing remote authenticated attackers to execute arbitrary code. The issue exists in ICS before 8.15 Hotfix 1; iDEFENSE describes a 259-byte malformed mailbox name causing sta...
CVE-2005-1256
A stack-based buffer overflow vulnerability in Ipswitch IMail’s IMAP STATUS handling allows remote authentication-enabled attackers to execute arbitrary code. A long mailbox name in the STATUS command can overflow IMAPD32.EXE (IMail 8.13 in Ipswitch Collaboration Suite and earlier versions) and m...
CVE-2005-3526
The CVE-2005-3526 issue affects Ipswitch Collaboration Suite’s IMAP daemon (Ipswitch IMail Server/Collaboration Suite) identified in versions 2006.02 and earlier. The vulnerability stems from a lack of bounds checking while parsing long arguments to the FETCH command, enabling remote authenticate...
CVE-2006-3552
Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium are affected. Using a specific .dat file in the StarEngine /data directory up to 20060630 or earlier prevents proper reception and implementation of bullet signature updates, enabling context-dependent attackers to misuse the ...
CVE-2005-2931
Ipswitch Collaboration Suite / IMail Server 8.20 (ICS) is affected by a format-string vulnerability in the SMTP server that allows remote attackers to execute arbitrary code via crafted input to the EXPN, MAIL, MAIL FROM, or RCPT TO commands. The issue stems from improper handling of format speci...
CVE-2005-1249
The IMAP daemon (IMAPD32.EXE) in Ipswitch IPS/ICS resolves a DoS by parsing a malformed LSUB command consisting of a long string of NULL characters, causing an infinite loop and high CPU usage. Affected: Ipswitch IMail/Collaboration Suite (ICS); observed in IMAPD32.EXE (vulnerable ranges not full...
CVE-2005-2923
CVE-2005-2923 affects Ipswitch’s IMail Server IMAP service (IP: Ipswitch Collaboration Suite). The vulnerability lies in the IMAP LIST command handling: when a long LIST argument (~8000 bytes) is processed, the server can reference invalid memory, leading to a crash (DoS). This requires authentic...
CVE-2007-3927
Ipswitch IMail Server 2006 before 2006.21 has a buffer overflow in the IMAP SUBSCRIBE handling that can allow an authenticated attacker to execute arbitrary commands on Windows (IMail service). The issue is described as a SUBSCRIBE-related buffer overflow and other unspecified vectors, with the k...
CVE-2007-3959
The CVE covers Ipswitch Ipswitch IM Server (IM Server/IMserve/IMserver) prior to version 2.07 within Ipswitch Collaboration Suite, which is vulnerable to a remote denial-of-service. An unauthenticated attacker can send crafted data to TCP port 5179 that overwrites a destructor through the DoAttac...