imail vulnerabilities and exploits

5
CVSSv2
CVE-2000-0301

Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command....

4.6
CVSSv2
CVE-2004-1520

Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command....

IpswitchImail
5
CVSSv2
CVE-2000-0056

IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi....

IpswitchImail
5
CVSSv2
CVE-2004-2423

Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content."...

5
CVSSv2
CVE-1999-1551

Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL....

IpswitchImail
7.5
CVSSv2
CVE-2001-1211

Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an...

5
CVSSv2
CVE-2001-1285

Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter....

7.5
CVSSv2
CVE-2001-1286

Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control....

5
CVSSv2
CVE-2001-1281

Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form....

6.4
CVSSv2
CVE-2000-0780

The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack....

IpswitchImail