cvelistv5 - cve-2008-0945

CVE-2008-0945 (GCVE-0-2008-0945)

Vulnerability from cvelistv5 – Published: 2008-02-25 21:00 – Updated: 2024-08-07 08:01

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://aluigi.altervista.org/adv/ipsimene-adv.txt	x_refsource_MISC
	http://www.securityfocus.com/archive/1/487748/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/27677	vdb-entryx_refsource_BID
	http://securityreason.com/securityalert/3697	third-party-advisoryx_refsource_SREASON
	http://aluigi.org/poc/ipsimene.zip	x_refsource_MISC
	http://secunia.com/advisories/28824	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:01:40.108Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
          },
          {
            "name": "20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
          },
          {
            "name": "27677",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27677"
          },
          {
            "name": "3697",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3697"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://aluigi.org/poc/ipsimene.zip"
          },
          {
            "name": "28824",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28824"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
        },
        {
          "name": "20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
        },
        {
          "name": "27677",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27677"
        },
        {
          "name": "3697",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3697"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://aluigi.org/poc/ipsimene.zip"
        },
        {
          "name": "28824",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28824"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0945",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://aluigi.altervista.org/adv/ipsimene-adv.txt",
              "refsource": "MISC",
              "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
            },
            {
              "name": "20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
            },
            {
              "name": "27677",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27677"
            },
            {
              "name": "3697",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3697"
            },
            {
              "name": "http://aluigi.org/poc/ipsimene.zip",
              "refsource": "MISC",
              "url": "http://aluigi.org/poc/ipsimene.zip"
            },
            {
              "name": "28824",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28824"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0945",
    "datePublished": "2008-02-25T21:00:00",
    "dateReserved": "2008-02-25T00:00:00",
    "dateUpdated": "2024-08-07T08:01:40.108Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ipswitch:imserver:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.0.8.1\", \"matchCriteriaId\": \"37107C28-9B74-4C67-8A0D-E746647C34FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ipswitch:instant_messaging:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.0.8.1\", \"matchCriteriaId\": \"063110BD-F65A-48F8-BD75-54CA1E370D24\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de formato de cadena en la funci\\u00f3n de inicio de sesi\\u00f3n de IM Server (tambi\\u00e9n conocido como IMserve or IMserver) en Ipswitch Instant Messaging (IM) 2.0.8.1 y anteriores permite a usuarios autentificados remotamente provocar una denegaci\\u00f3n de servicio (ca\\u00edda del demonio) y posiblemente tener otros impactos sin identificar a trav\\u00e9s de especificadores de formato de cadena en un campo de una direcci\\u00f3n IP.\"}]",
      "id": "CVE-2008-0945",
      "lastModified": "2024-11-21T00:43:17.180",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:N/A:P\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-02-25T21:44:00.000",
      "references": "[{\"url\": \"http://aluigi.altervista.org/adv/ipsimene-adv.txt\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://aluigi.org/poc/ipsimene.zip\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/28824\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3697\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/487748/100/200/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/27677\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://aluigi.altervista.org/adv/ipsimene-adv.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://aluigi.org/poc/ipsimene.zip\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/28824\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3697\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/487748/100/200/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/27677\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-134\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0945\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-02-25T21:44:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de formato de cadena en la funci\u00f3n de inicio de sesi\u00f3n de IM Server (tambi\u00e9n conocido como IMserve or IMserver) en Ipswitch Instant Messaging (IM) 2.0.8.1 y anteriores permite a usuarios autentificados remotamente provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) y posiblemente tener otros impactos sin identificar a trav\u00e9s de especificadores de formato de cadena en un campo de una direcci\u00f3n IP.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:N/A:P\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-134\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:imserver:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.8.1\",\"matchCriteriaId\":\"37107C28-9B74-4C67-8A0D-E746647C34FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:instant_messaging:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.8.1\",\"matchCriteriaId\":\"063110BD-F65A-48F8-BD75-54CA1E370D24\"}]}]}],\"references\":[{\"url\":\"http://aluigi.altervista.org/adv/ipsimene-adv.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://aluigi.org/poc/ipsimene.zip\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/28824\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3697\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/487748/100/200/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/27677\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://aluigi.altervista.org/adv/ipsimene-adv.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://aluigi.org/poc/ipsimene.zip\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/28824\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/487748/100/200/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/27677\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2008-0945

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-0945

Aliases

CVE-2008-0945

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0945",
    "description": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.",
    "id": "GSD-2008-0945"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0945"
      ],
      "details": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.",
      "id": "GSD-2008-0945",
      "modified": "2023-12-13T01:22:58.557763Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-0945",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://aluigi.altervista.org/adv/ipsimene-adv.txt",
            "refsource": "MISC",
            "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
          },
          {
            "name": "20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
          },
          {
            "name": "27677",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/27677"
          },
          {
            "name": "3697",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3697"
          },
          {
            "name": "http://aluigi.org/poc/ipsimene.zip",
            "refsource": "MISC",
            "url": "http://aluigi.org/poc/ipsimene.zip"
          },
          {
            "name": "28824",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28824"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:imserver:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.0.8.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:instant_messaging:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.0.8.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0945"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-134"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://aluigi.altervista.org/adv/ipsimene-adv.txt",
              "refsource": "MISC",
              "tags": [],
              "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
            },
            {
              "name": "http://aluigi.org/poc/ipsimene.zip",
              "refsource": "MISC",
              "tags": [],
              "url": "http://aluigi.org/poc/ipsimene.zip"
            },
            {
              "name": "27677",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/27677"
            },
            {
              "name": "28824",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/28824"
            },
            {
              "name": "3697",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/3697"
            },
            {
              "name": "20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T22:03Z",
      "publishedDate": "2008-02-25T21:44Z"
    }
  }
}

FKIE_CVE-2008-0945

Vulnerability from fkie_nvd - Published: 2008-02-25 21:44 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://aluigi.altervista.org/adv/ipsimene-adv.txt
cve@mitre.org	http://aluigi.org/poc/ipsimene.zip
cve@mitre.org	http://secunia.com/advisories/28824	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/3697
cve@mitre.org	http://www.securityfocus.com/archive/1/487748/100/200/threaded
cve@mitre.org	http://www.securityfocus.com/bid/27677
af854a3a-2127-422b-91ae-364da2661108	http://aluigi.altervista.org/adv/ipsimene-adv.txt
af854a3a-2127-422b-91ae-364da2661108	http://aluigi.org/poc/ipsimene.zip
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28824	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3697
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/487748/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27677

Impacted products

	Vendor	Product	Version
	ipswitch	imserver	*
	ipswitch	instant_messaging	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ipswitch:imserver:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37107C28-9B74-4C67-8A0D-E746647C34FF",
              "versionEndIncluding": "2.0.8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:instant_messaging:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "063110BD-F65A-48F8-BD75-54CA1E370D24",
              "versionEndIncluding": "2.0.8.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de formato de cadena en la funci\u00f3n de inicio de sesi\u00f3n de IM Server (tambi\u00e9n conocido como IMserve or IMserver) en Ipswitch Instant Messaging (IM) 2.0.8.1 y anteriores permite a usuarios autentificados remotamente provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) y posiblemente tener otros impactos sin identificar a trav\u00e9s de especificadores de formato de cadena en un campo de una direcci\u00f3n IP."
    }
  ],
  "id": "CVE-2008-0945",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-25T21:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://aluigi.org/poc/ipsimene.zip"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28824"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3697"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/27677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://aluigi.org/poc/ipsimene.zip"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27677"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-134"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-62J9-25GG-9W4W

Vulnerability from github – Published: 2022-05-01 23:34 – Updated: 2022-05-01 23:34

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0945"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-134"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-02-25T21:44:00Z",
    "severity": "LOW"
  },
  "details": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.",
  "id": "GHSA-62j9-25gg-9w4w",
  "modified": "2022-05-01T23:34:59Z",
  "published": "2022-05-01T23:34:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0945"
    },
    {
      "type": "WEB",
      "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
    },
    {
      "type": "WEB",
      "url": "http://aluigi.org/poc/ipsimene.zip"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28824"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3697"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/27677"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200802-0084

Vulnerability from variot - Updated: 2023-12-18 12:32

Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field. Ipswitch Instant Messaging is prone to multiple security vulnerabilities, including a denial-of-service vulnerability, a format-string vulnerability, and a vulnerability that allows attackers to overwrite arbitrary files. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or overwrite files with arbitrary content. These issues affect Ipswitch Instant Messaging 2.0.8.1; other versions may also be affected.

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.

Download and test it today: https://psi.secunia.com/

Read more about this new version: https://psi.secunia.com/?page=changelog

TITLE: Ipswitch Instant Messaging IMServer Denial of Service

SECUNIA ADVISORY ID: SA28824

VERIFY ADVISORY: http://secunia.com/advisories/28824/

CRITICAL: Moderately critical

IMPACT: DoS

WHERE:

From remote

SOFTWARE: Ipswitch Instant Messaging 2.x http://secunia.com/product/14854/ Ipswitch Collaboration Suite (ICS) 2.x http://secunia.com/product/5167/

DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Ipswitch Instant Messaging, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the IMServer service (IMServer.exe) and can be exploited to crash the service via a specially crafted packet sent to default port 5177/TCP.

NOTE: Other errors have also been reported e.g. a format-string error in the logging function.

The vulnerability is confirmed in version 2.08 and is also reported to affect the IM clients.

SOLUTION: Use in a trusted network environment only.

PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma

ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/ipsimene-adv.txt

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200802-0084",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "imserver",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "ipswitch",
        "version": "2.0.8.1"
      },
      {
        "model": "instant messaging",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "ipswitch",
        "version": "2.0.8.1"
      },
      {
        "model": "instant messaging",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "ipswitch",
        "version": "2.0.8.1"
      },
      {
        "model": "imserver",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "2.0.8.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "27677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:imserver:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.0.8.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:instant_messaging:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.0.8.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Luigi Auriemma is credited with discovering these vulnerabilities.",
    "sources": [
      {
        "db": "BID",
        "id": "27677"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2008-0945",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 3.5,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2008-0945",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "VHN-31070",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-0945",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200802-453",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-31070",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31070"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field. Ipswitch Instant Messaging is prone to multiple security vulnerabilities, including a denial-of-service vulnerability, a format-string vulnerability, and a vulnerability that allows attackers to overwrite arbitrary files. \nAttackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or overwrite files with arbitrary content. \nThese issues affect Ipswitch Instant Messaging 2.0.8.1; other versions may also be affected. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nIpswitch Instant Messaging IMServer Denial of Service\n\nSECUNIA ADVISORY ID:\nSA28824\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28824/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIpswitch Instant Messaging 2.x\nhttp://secunia.com/product/14854/\nIpswitch Collaboration Suite (ICS) 2.x\nhttp://secunia.com/product/5167/\n\nDESCRIPTION:\nLuigi Auriemma has discovered a vulnerability in Ipswitch Instant\nMessaging, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nThe vulnerability is caused due to an error in the IMServer service\n(IMServer.exe) and can be exploited to crash the service via a\nspecially crafted packet sent to default port 5177/TCP. \n\nNOTE: Other errors have also been reported e.g. a format-string error\nin the logging function. \n\nThe vulnerability is confirmed in version 2.08 and is also reported\nto affect the IM clients. \n\nSOLUTION:\nUse in a trusted network environment only. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nhttp://aluigi.altervista.org/adv/ipsimene-adv.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "db": "BID",
        "id": "27677"
      },
      {
        "db": "VULHUB",
        "id": "VHN-31070"
      },
      {
        "db": "PACKETSTORM",
        "id": "63425"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-0945",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "27677",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "28824",
        "trust": 1.8
      },
      {
        "db": "SREASON",
        "id": "3697",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153",
        "trust": 0.8
      },
      {
        "db": "BUGTRAQ",
        "id": "20080207 MULTIPLE VULNERABILITIES IN IPSWITCH INSTANT MESSAGING 2.0.8.1",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-31070",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "63425",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31070"
      },
      {
        "db": "BID",
        "id": "27677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "db": "PACKETSTORM",
        "id": "63425"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ]
  },
  "id": "VAR-200802-0084",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31070"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:32:07.121000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Instant Messaging",
        "trust": 0.8,
        "url": "http://www.imailserver.com/products/ipswitch-instant-messaging/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-134",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/27677"
      },
      {
        "trust": 1.7,
        "url": "http://aluigi.org/poc/ipsimene.zip"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/28824"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/3697"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0945"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0945"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/487748/100/200/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.ipswitch.com/products/instant_messaging"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/487748"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/?page=changelog"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/28824/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14854/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5167/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31070"
      },
      {
        "db": "BID",
        "id": "27677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "db": "PACKETSTORM",
        "id": "63425"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-31070"
      },
      {
        "db": "BID",
        "id": "27677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "db": "PACKETSTORM",
        "id": "63425"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-02-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-31070"
      },
      {
        "date": "2008-02-07T00:00:00",
        "db": "BID",
        "id": "27677"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "date": "2008-02-09T00:15:54",
        "db": "PACKETSTORM",
        "id": "63425"
      },
      {
        "date": "2008-02-25T21:44:00",
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "date": "2008-02-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-31070"
      },
      {
        "date": "2016-07-06T14:17:00",
        "db": "BID",
        "id": "27677"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      },
      {
        "date": "2018-10-15T22:03:35.857000",
        "db": "NVD",
        "id": "CVE-2008-0945"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ipswitch IM of  IM Server of  logging Format string vulnerability in functions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004153"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "format string",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200802-453"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-0945 (GCVE-0-2008-0945)

GSD-2008-0945

FKIE_CVE-2008-0945

GHSA-62J9-25GG-9W4W

VAR-200802-0084

Tags

Sightings

Nomenclature