var-200802-0084
Vulnerability from variot
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field. Ipswitch Instant Messaging is prone to multiple security vulnerabilities, including a denial-of-service vulnerability, a format-string vulnerability, and a vulnerability that allows attackers to overwrite arbitrary files. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or overwrite files with arbitrary content. These issues affect Ipswitch Instant Messaging 2.0.8.1; other versions may also be affected.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: Ipswitch Instant Messaging IMServer Denial of Service
SECUNIA ADVISORY ID: SA28824
VERIFY ADVISORY: http://secunia.com/advisories/28824/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
SOFTWARE: Ipswitch Instant Messaging 2.x http://secunia.com/product/14854/ Ipswitch Collaboration Suite (ICS) 2.x http://secunia.com/product/5167/
DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Ipswitch Instant Messaging, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the IMServer service (IMServer.exe) and can be exploited to crash the service via a specially crafted packet sent to default port 5177/TCP.
NOTE: Other errors have also been reported e.g. a format-string error in the logging function.
The vulnerability is confirmed in version 2.08 and is also reported to affect the IM clients.
SOLUTION: Use in a trusted network environment only.
PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma
ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/ipsimene-adv.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200802-0084", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "imserver", "scope": "lte", "trust": 1.8, "vendor": "ipswitch", "version": "2.0.8.1" }, { "model": "instant messaging", "scope": "lte", "trust": 1.8, "vendor": "ipswitch", "version": "2.0.8.1" }, { "model": "instant messaging", "scope": "eq", "trust": 0.9, "vendor": "ipswitch", "version": "2.0.8.1" }, { "model": "imserver", "scope": "eq", "trust": 0.6, "vendor": "ipswitch", "version": "2.0.8.1" } ], "sources": [ { "db": "BID", "id": "27677" }, { "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "db": "CNNVD", "id": "CNNVD-200802-453" }, { "db": "NVD", "id": "CVE-2008-0945" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:ipswitch:imserver", "vulnerable": true }, { "cpe22Uri": "cpe:/a:ipswitch:instant_messaging", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2008-004153" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Luigi Auriemma is credited with discovering these vulnerabilities.", "sources": [ { "db": "BID", "id": "27677" } ], "trust": 0.3 }, "cve": "CVE-2008-0945", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "exploitabilityScore": 6.8, "id": "CVE-2008-0945", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "exploitabilityScore": 6.8, "id": "VHN-31070", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2008-0945", "trust": 1.0, "value": "LOW" }, { "author": "NVD", "id": "CVE-2008-0945", "trust": 0.8, "value": "Low" }, { "author": "CNNVD", "id": "CNNVD-200802-453", "trust": 0.6, "value": "LOW" }, { "author": "VULHUB", "id": "VHN-31070", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-31070" }, { "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "db": "CNNVD", "id": "CNNVD-200802-453" }, { "db": "NVD", "id": "CVE-2008-0945" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field. Ipswitch Instant Messaging is prone to multiple security vulnerabilities, including a denial-of-service vulnerability, a format-string vulnerability, and a vulnerability that allows attackers to overwrite arbitrary files. \nAttackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or overwrite files with arbitrary content. \nThese issues affect Ipswitch Instant Messaging 2.0.8.1; other versions may also be affected. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch Instant Messaging IMServer Denial of Service\n\nSECUNIA ADVISORY ID:\nSA28824\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28824/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIpswitch Instant Messaging 2.x\nhttp://secunia.com/product/14854/\nIpswitch Collaboration Suite (ICS) 2.x\nhttp://secunia.com/product/5167/\n\nDESCRIPTION:\nLuigi Auriemma has discovered a vulnerability in Ipswitch Instant\nMessaging, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nThe vulnerability is caused due to an error in the IMServer service\n(IMServer.exe) and can be exploited to crash the service via a\nspecially crafted packet sent to default port 5177/TCP. \n\nNOTE: Other errors have also been reported e.g. a format-string error\nin the logging function. \n\nThe vulnerability is confirmed in version 2.08 and is also reported\nto affect the IM clients. \n\nSOLUTION:\nUse in a trusted network environment only. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nhttp://aluigi.altervista.org/adv/ipsimene-adv.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2008-0945" }, { "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "db": "BID", "id": "27677" }, { "db": "VULHUB", "id": "VHN-31070" }, { "db": "PACKETSTORM", "id": "63425" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2008-0945", "trust": 2.8 }, { "db": "BID", "id": "27677", "trust": 2.0 }, { "db": "SECUNIA", "id": "28824", "trust": 1.8 }, { "db": "SREASON", "id": "3697", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2008-004153", "trust": 0.8 }, { "db": "BUGTRAQ", "id": "20080207 MULTIPLE VULNERABILITIES IN IPSWITCH INSTANT MESSAGING 2.0.8.1", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200802-453", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-31070", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "63425", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-31070" }, { "db": "BID", "id": "27677" }, { "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "db": "PACKETSTORM", "id": "63425" }, { "db": "CNNVD", "id": "CNNVD-200802-453" }, { "db": "NVD", "id": "CVE-2008-0945" } ] }, "id": "VAR-200802-0084", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-31070" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T22:03:42.012000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Instant Messaging", "trust": 0.8, "url": "http://www.imailserver.com/products/ipswitch-instant-messaging/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2008-004153" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-134", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "db": "NVD", "id": "CVE-2008-0945" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/27677" }, { "trust": 1.7, "url": "http://aluigi.org/poc/ipsimene.zip" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28824" }, { "trust": 1.7, "url": "http://securityreason.com/securityalert/3697" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0945" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0945" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/487748/100/200/threaded" }, { "trust": 0.3, "url": "http://www.ipswitch.com/products/instant_messaging" }, { "trust": 0.3, "url": "/archive/1/487748" }, { "trust": 0.1, "url": "http://secunia.com/secunia_security_advisories/" }, { "trust": 0.1, "url": "https://psi.secunia.com/?page=changelog" }, { "trust": 0.1, "url": "https://psi.secunia.com/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/28824/" }, { "trust": 0.1, "url": "http://secunia.com/product/14854/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/product/5167/" }, { "trust": 0.1, "url": "http://secunia.com/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-31070" }, { "db": "BID", "id": "27677" }, { "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "db": "PACKETSTORM", "id": "63425" }, { "db": "CNNVD", "id": "CNNVD-200802-453" }, { "db": "NVD", "id": "CVE-2008-0945" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-31070" }, { "db": "BID", "id": "27677" }, { "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "db": "PACKETSTORM", "id": "63425" }, { "db": "CNNVD", "id": "CNNVD-200802-453" }, { "db": "NVD", "id": "CVE-2008-0945" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2008-02-25T00:00:00", "db": "VULHUB", "id": "VHN-31070" }, { "date": "2008-02-07T00:00:00", "db": "BID", "id": "27677" }, { "date": "2012-09-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "date": "2008-02-09T00:15:54", "db": "PACKETSTORM", "id": "63425" }, { "date": "2008-02-25T00:00:00", "db": "CNNVD", "id": "CNNVD-200802-453" }, { "date": "2008-02-25T21:44:00", "db": "NVD", "id": "CVE-2008-0945" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-15T00:00:00", "db": "VULHUB", "id": "VHN-31070" }, { "date": "2016-07-06T14:17:00", "db": "BID", "id": "27677" }, { "date": "2012-09-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2008-004153" }, { "date": "2008-09-05T00:00:00", "db": "CNNVD", "id": "CNNVD-200802-453" }, { "date": "2024-11-21T00:43:17.180000", "db": "NVD", "id": "CVE-2008-0945" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200802-453" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ipswitch IM of IM Server of logging Format string vulnerability in functions", "sources": [ { "db": "JVNDB", "id": "JVNDB-2008-004153" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "format string", "sources": [ { "db": "CNNVD", "id": "CNNVD-200802-453" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.