CVE-2004-0297 - Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in

CVE-2004-0297

Summary

Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length.

References

Vulnerable Configurations

cpe:2.3:a:ipswitch:imail:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:imail:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:imail:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:imail:8.0.5:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	9682
cert-vn	VU#972334
confirm	http://www.ipswitch.com/support/imail/releases/imail_professional/im805HF2.html
idefense	20040217 Ipswitch IMail LDAP Daemon Remote Buffer Overflow
osvdb	3984
xf	imail-ldap-tag-bo(15243)

saint via4

bid	9682
description	IMail LDAP buffer overflow
id	mail_misc_imailldap
osvdb	3984
title	imail_ldap
type	remote

Last major update

10-10-2017 - 01:30

Published

23-11-2004 - 05:00

Last modified

10-10-2017 - 01:30