cvelistv5 - cve-2005-1256

CVE-2005-1256 (GCVE-0-2005-1256)

Vulnerability from cvelistv5 – Published: 2005-05-25 04:00 – Updated: 2024-08-07 21:44

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.ipswitch.com/support/imail/releases/im…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/13727	vdb-entryx_refsource_BID
	http://securitytracker.com/id?1014047	vdb-entryx_refsource_SECTRACK
	http://www.idefense.com/application/poi/display?i…	third-party-advisoryx_refsource_IDEFENSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:05.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
          },
          {
            "name": "13727",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13727"
          },
          {
            "name": "1014047",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014047"
          },
          {
            "name": "20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-06-04T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
        },
        {
          "name": "13727",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13727"
        },
        {
          "name": "1014047",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014047"
        },
        {
          "name": "20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1256",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html",
              "refsource": "CONFIRM",
              "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
            },
            {
              "name": "13727",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13727"
            },
            {
              "name": "1014047",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014047"
            },
            {
              "name": "20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1256",
    "datePublished": "2005-05-25T04:00:00",
    "dateReserved": "2005-04-25T00:00:00",
    "dateUpdated": "2024-08-07T21:44:05.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"443C3EE1-1C98-40F6-93DD-F60BD0C46C2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.2_hotfix_2\", \"matchCriteriaId\": \"D8FF3313-6C45-44C5-B093-E865AB16BAB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C28E243-026F-4252-9D80-4D69C50467D3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.\"}]",
      "id": "CVE-2005-1256",
      "lastModified": "2024-11-20T23:56:56.890",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-05-25T04:00:00.000",
      "references": "[{\"url\": \"http://securitytracker.com/id?1014047\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/13727\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1014047\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/13727\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-1256\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-05-25T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"443C3EE1-1C98-40F6-93DD-F60BD0C46C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2_hotfix_2\",\"matchCriteriaId\":\"D8FF3313-6C45-44C5-B093-E865AB16BAB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28E243-026F-4252-9D80-4D69C50467D3\"}]}]}],\"references\":[{\"url\":\"http://securitytracker.com/id?1014047\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/13727\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1014047\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/13727\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200505-1220

Vulnerability from variot - Updated: 2023-12-18 12:59

Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name. Ipswitch IMail is prone to multiple remote vulnerabilities. Attackers may exploit these issues to deny service for legitimate users, obtaoin potentially sensitive information, and execute arbitrary code. The vulnerabilities include a directory-traversal issue, two remote denial-of-service issues, and multiple buffer-overflow issues. Attackers can use this vulnerability to cause the target service to crash. However, this vulnerability cannot be further exploited. Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability

iDEFENSE Security Advisory 05.24.05 www.idefense.com/application/poi/display?id=244&type=vulnerabilities May 24, 2005

I. BACKGROUND

Ipswitch Collaboration Suite (ICS) is a comprehensive communication and collaboration solution for Microsoft Windows with a customer base of over 53 million users. More information is available on the vendor's website:

 http://www.ipswitch.com/products/IMail_Server/index.html

II.

The vulnerability specifically exists in the handling of a long mailbox name to the STATUS command. A long mailbox name argument will cause a stack based buffer overflow, providing the attacker with full control over the saved return address on the stack. Once this has been achieved,

execution of arbitrary code becomes trivial. As this vulnerability is in

the STATUS command, which requires that a session is authenticated, valid credentials are required.

III. Valid credentials are required for exploitation, which lessens the impact of this vulnerability.

IV. DETECTION

iDEFENSE has confirmed the existence of this vulnerability in Ipswitch IMail version 8.13. It is suspected that earlier versions are also vulnerable.

V. WORKAROUND

As this vulnerability is exploited after authentication occurs, ensuring

that only trusted users have accounts can mitigate the risk somwhat. As a more effective workaround, consider limiting access to the IMAP server

by filtering TCP port 143. If possible, consider disabling IMAP and forcing users to use POP3.

VI. VENDOR RESPONSE

The vendor has released the following patch to fix this vulnerability:

ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imail82hf2.exe

The associated vendor advisory can be found at:

http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf 2.html

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2005-1256 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

04/25/2005 Initial vendor notification 05/10/2005 Initial vendor response 05/24/2005 Public disclosure

IX. CREDIT

iDEFENSE Labs is credited with this discovery.

Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp

Free tools, research and upcoming events http://labs.idefense.com

X. LEGAL NOTICES

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200505-1220",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "imail",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "ipswitch",
        "version": "8.13"
      },
      {
        "model": "collaboration suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ipswitch",
        "version": "*"
      },
      {
        "model": "imail server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ipswitch",
        "version": "8.2_hotfix_2"
      },
      {
        "model": "collaboration suite",
        "scope": null,
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": null
      },
      {
        "model": "imail server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "8.2_hotfix_2"
      },
      {
        "model": "imail hotfix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.151"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.14"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.2"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.1"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.0.5"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.0.3"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.12"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.1"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.0.7"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.0.6"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.0.5"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.0.4"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.0.3"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.0.2"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.0.1"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.4"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.3"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.2"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.1"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0.6"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0.5"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0.4"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0.3"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0.2"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0.1"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "5.0.8"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "5.0.7"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "5.0.6"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "5.0.5"
      },
      {
        "model": "imail",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "5.0"
      },
      {
        "model": "imail hotfix",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.22"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "13727"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.2_hotfix_2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sebastian Apelt",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2005-1256",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-12465",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2005-1256",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200505-1201",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-12465",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12465"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name. Ipswitch IMail is prone to multiple remote vulnerabilities. Attackers may exploit these issues to deny service for legitimate users, obtaoin potentially sensitive information, and execute arbitrary code. \nThe vulnerabilities include a directory-traversal issue, two remote denial-of-service issues, and multiple buffer-overflow issues. Attackers can use this vulnerability to cause the target service to crash. However, this vulnerability cannot be further exploited. Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability\n\niDEFENSE Security Advisory 05.24.05\nwww.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities\nMay 24, 2005\n\nI. BACKGROUND\n\nIpswitch Collaboration Suite (ICS) is a comprehensive communication and \ncollaboration solution for Microsoft Windows with a customer base of \nover 53 million users. More information is available on the vendor\u0027s \nwebsite:\n\n     http://www.ipswitch.com/products/IMail_Server/index.html\n\nII. \n\nThe vulnerability specifically exists in the handling of a long mailbox \nname to the STATUS command. A long mailbox name argument will cause a \nstack based buffer overflow, providing the attacker with full control \nover the saved return address on the stack. Once this has been achieved,\n\nexecution of arbitrary code becomes trivial. As this vulnerability is in\n\nthe STATUS command, which requires that a session is authenticated, \nvalid credentials are required. \n\nIII. Valid credentials are required for \nexploitation, which lessens the impact of this vulnerability. \n\nIV. DETECTION\n\niDEFENSE has confirmed the existence of this vulnerability in Ipswitch \nIMail version 8.13. It is suspected that earlier versions are also \nvulnerable. \n\nV. WORKAROUND\n\nAs this vulnerability is exploited after authentication occurs, ensuring\n\nthat only trusted users have accounts can mitigate the risk somwhat. As \na more effective workaround, consider limiting access to the IMAP server\n\nby filtering TCP port 143. If possible, consider disabling IMAP and \nforcing users to use POP3. \n\nVI. VENDOR RESPONSE\n\nThe vendor has released the following patch to fix this vulnerability:\n\nftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imail82hf2.exe\n\nThe associated vendor advisory can be found at:\n\nhttp://www.ipswitch.com/support/imail/releases/imail_professional/im82hf\n2.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CAN-2005-1256 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n04/25/2005  Initial vendor notification\n05/10/2005  Initial vendor response\n05/24/2005  Public disclosure\n\nIX. CREDIT\n\niDEFENSE Labs is credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com\n\nX. LEGAL NOTICES\n\nCopyright (c) 2005 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "db": "BID",
        "id": "13727"
      },
      {
        "db": "VULHUB",
        "id": "VHN-12465"
      },
      {
        "db": "PACKETSTORM",
        "id": "39310"
      }
    ],
    "trust": 1.35
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-12465",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12465"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2005-1256",
        "trust": 2.1
      },
      {
        "db": "BID",
        "id": "13727",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1014047",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201",
        "trust": 0.7
      },
      {
        "db": "IDEFENSE",
        "id": "20050524 IPSWITCH IMAIL IMAP STATUS REMOTE BUFFER OVERFLOW VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "39310",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-12465",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12465"
      },
      {
        "db": "BID",
        "id": "13727"
      },
      {
        "db": "PACKETSTORM",
        "id": "39310"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ]
  },
  "id": "VAR-200505-1220",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12465"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:59:29.549000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/13727"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1014047"
      },
      {
        "trust": 1.7,
        "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
      },
      {
        "trust": 0.3,
        "url": "http://www.ipswitch.com/products/imail_server/index.asp"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/400543"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/400542"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/400546"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/400541"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/400545"
      },
      {
        "trust": 0.1,
        "url": "http://www.idefense.com/application/poi/display?id=244\u0026amp;type=vulnerabilities"
      },
      {
        "trust": 0.1,
        "url": "http://www.idefense.com/poi/teams/vcp.jsp"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ipswitch.com/products/imail_server/index.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1256"
      },
      {
        "trust": 0.1,
        "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org),"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-12465"
      },
      {
        "db": "BID",
        "id": "13727"
      },
      {
        "db": "PACKETSTORM",
        "id": "39310"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-12465"
      },
      {
        "db": "BID",
        "id": "13727"
      },
      {
        "db": "PACKETSTORM",
        "id": "39310"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-05-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-12465"
      },
      {
        "date": "2005-05-24T00:00:00",
        "db": "BID",
        "id": "13727"
      },
      {
        "date": "2005-08-14T20:29:45",
        "db": "PACKETSTORM",
        "id": "39310"
      },
      {
        "date": "2005-05-25T04:00:00",
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "date": "2005-05-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-11-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-12465"
      },
      {
        "date": "2007-04-03T03:12:00",
        "db": "BID",
        "id": "13727"
      },
      {
        "date": "2008-11-15T05:46:12.360000",
        "db": "NVD",
        "id": "CVE-2005-1256"
      },
      {
        "date": "2006-08-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "39310"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ipswitch IMail IMAP SELECT Command denial of service vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200505-1201"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2005-1256

Vulnerability from fkie_nvd - Published: 2005-05-25 04:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://securitytracker.com/id?1014047
cve@mitre.org	http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities	Vendor Advisory
cve@mitre.org	http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html	Patch
cve@mitre.org	http://www.securityfocus.com/bid/13727
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014047
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/application/poi/display?id=244&type=vulnerabilities	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/13727

Impacted products

Vendor	Product	Version
ipswitch	imail	8.13
ipswitch	imail_server	*
ipswitch	ipswitch_collaboration_suite	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "443C3EE1-1C98-40F6-93DD-F60BD0C46C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8FF3313-6C45-44C5-B093-E865AB16BAB9",
              "versionEndIncluding": "8.2_hotfix_2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C28E243-026F-4252-9D80-4D69C50467D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name."
    }
  ],
  "id": "CVE-2005-1256",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-25T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1014047"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/13727"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/13727"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-RQQ7-V9MC-QM3H

Vulnerability from github – Published: 2022-05-01 01:56 – Updated: 2022-05-01 01:56

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-1256"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-05-25T04:00:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.",
  "id": "GHSA-rqq7-v9mc-qm3h",
  "modified": "2022-05-01T01:56:52Z",
  "published": "2022-05-01T01:56:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1256"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014047"
    },
    {
      "type": "WEB",
      "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/13727"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2005-1256

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2005-1256

Aliases

CVE-2005-1256

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-1256",
    "description": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.",
    "id": "GSD-2005-1256"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-1256"
      ],
      "details": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.",
      "id": "GSD-2005-1256",
      "modified": "2023-12-13T01:20:11.658330Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-1256",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html",
            "refsource": "CONFIRM",
            "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
          },
          {
            "name": "13727",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/13727"
          },
          {
            "name": "1014047",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1014047"
          },
          {
            "name": "20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.2_hotfix_2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1256"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050524 Ipswitch IMail IMAP STATUS Remote Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=244\u0026type=vulnerabilities"
            },
            {
              "name": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
            },
            {
              "name": "1014047",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1014047"
            },
            {
              "name": "13727",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/13727"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2008-11-15T05:46Z",
      "publishedDate": "2005-05-25T04:00Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-1256 (GCVE-0-2005-1256)

VAR-200505-1220

FKIE_CVE-2005-1256

GHSA-RQQ7-V9MC-QM3H

GSD-2005-1256

Tags

Sightings

Nomenclature