FKIE_CVE-2007-6101

Vulnerability from fkie_nvd - Published: 2007-11-23 20:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages.
References
cve@mitre.orghttp://osvdb.org/42399
cve@mitre.orghttp://osvdb.org/42400
cve@mitre.orghttp://secunia.com/advisories/27736Vendor Advisory
cve@mitre.orghttp://www.code-crafters.com/abilitymailserver/updatelog.htmlPatch
cve@mitre.orghttp://www.securityfocus.com/bid/26514Patch
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/38586
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/38587
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/42399
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/42400
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27736Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.code-crafters.com/abilitymailserver/updatelog.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26514Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/38586
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/38587
Impacted products
Vendor Product Version
code-crafters ability_mail_server 1.18
code-crafters ability_mail_server 2.01b
code-crafters ability_mail_server 2.02b
code-crafters ability_mail_server 2.03b
code-crafters ability_mail_server 2.04b
code-crafters ability_mail_server 2.05b
code-crafters ability_mail_server 2.10
code-crafters ability_mail_server 2.11
code-crafters ability_mail_server 2.12
code-crafters ability_mail_server 2.13
code-crafters ability_mail_server 2.14
code-crafters ability_mail_server 2.15
code-crafters ability_mail_server 2.16
code-crafters ability_mail_server 2.17
code-crafters ability_mail_server 2.18
code-crafters ability_mail_server 2.19
code-crafters ability_mail_server 2.20
code-crafters ability_mail_server 2.21
code-crafters ability_mail_server 2.22
code-crafters ability_mail_server 2.23
code-crafters ability_mail_server 2.50
code-crafters ability_mail_server 2.51
code-crafters ability_mail_server 2.52
code-crafters ability_mail_server 2.53
code-crafters ability_mail_server 2.54
code-crafters ability_mail_server 2.55
code-crafters ability_mail_server 2.56
code-crafters ability_mail_server 2.57
code-crafters ability_mail_server 2.58
code-crafters ability_mail_server 2.60
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB5EC297-5A2A-4359-B93C-BF9EDE4D99E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.01b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6FFDB5D-9511-49A5-BA56-27F9E8EDBC88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.02b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EAA589C-28AF-44D7-B520-E15C06A3DBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.03b:*:*:*:*:*:*:*",
              "matchCriteriaId": "80531858-C703-4C08-BC4A-12B02723C961",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.04b:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F852F1C-E8D7-48E8-92AA-B7CCF5AB3A24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.05b:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D1E6919-5B04-4401-ACA5-F2A71A7483DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9EC47A8-37BC-4000-9323-AF81ED9A0699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F19F1B93-0423-4681-8821-9E4A9E3AE6DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD744492-6BE6-4E30-8796-23581A344374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE328F78-4C47-49E5-8A15-26475A739229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9036D941-EE6F-4182-A91C-D2871BB5B20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "488084AA-9C8D-497F-88CF-881480FFA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E8E1AE7-1698-46A6-A377-0646DD124F37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDA94B27-748C-4DA6-BEB0-FAA29F34A54E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "784B5CE3-8D72-4DF6-86AE-5A7FB7EDDF14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "149A348A-3F37-4853-B885-2EECF303536E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "938529F4-31B5-47E9-A8AE-9DA3B25F9D48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "C732C79B-E224-420D-B96D-1EB0D2EECE24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "16B7A98B-A682-42B5-8CDD-1FE9F4CF74CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "627FD5F2-302F-407E-9000-8D5358C9CF98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "0004DD62-C64E-4F99-ADE0-EB91AEE1021D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0119286-87F5-4D60-AF54-A0C8F948BF12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "48993397-4379-48DF-969F-CAE0663C18E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "8446A8DB-5344-4087-A54E-9B1D505E6F4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "40B6FD5A-1C29-4E3B-AB74-FD9600BE7EB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DC685FC-37CA-4770-9159-B387C02E8EC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA42ACC-27A8-4673-9049-2CA48C00E87E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18C7269-C786-4E19-B96A-0F417500B25B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "51948C81-145A-434F-ACDA-D2738B65D29E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:code-crafters:ability_mail_server:2.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "356004E2-A09E-4FAA-83D4-7402B41F29E7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daemon crash) via (1) malformed number list ranges in unspecified IMAP commands, and possibly (2) a blank string in unspecified messages."
    },
    {
      "lang": "es",
      "value": "Ability Mail Server, en versiones anteriores a la 2.61, permite que usuarios autenticados remotamente provoquen denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de (1) rangos de listas num\u00e9ricas mal formadas en comandos IMAP no  especificados, y posiblemente, (2) a trav\u00e9s de una cadena vac\u00eda en mensajes no especificados."
    }
  ],
  "id": "CVE-2007-6101",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-23T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/42399"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/42400"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27736"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.code-crafters.com/abilitymailserver/updatelog.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26514"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38586"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38587"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/42399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/42400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27736"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.code-crafters.com/abilitymailserver/updatelog.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38587"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.