ID CVE-2005-1249
Summary The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
References
Vulnerable Configurations
  • cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*
    cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 15-11-2008 - 05:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 13727
confirm http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html
idefense 20050524 Ipswitch IMail IMAP LSUB DoS Vulnerability
sectrack 1014047
saint via4
  • bid 13727
    description IMail IMAP STATUS buffer overflow
    id mail_imap_imail
    osvdb 16806
    title imail_imap_status
    type remote
  • bid 13727
    description IMail IMAP LOGIN special character vulnerability
    id mail_imap_imail
    osvdb 16804
    title imail_imap_login_specialchar
    type remote
Last major update 15-11-2008 - 05:46
Published 25-05-2005 - 04:00
Last modified 15-11-2008 - 05:46
Back to Top