CVE-2005-1255

2005-05-2504:00:00

mitre

web.nvd.nist.gov

imail server

buffer overflow

remote code execution

cve-2005-1255

security vulnerability

imail 8.12

imail 8.13

ipswitch collaboration suite

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.245

Percentile

96.7%

JSON

Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character.

Affected configurations

Nvd

Node

ipswitchimailMatch8.12

ipswitchimailMatch8.13

ipswitchimail_serverRange≤8.2_hotfix_2

ipswitchipswitch_collaboration_suite

VendorProductVersionCPE
ipswitchimail8.12cpe:2.3:a:ipswitch:imail:8.12:*:*:*:*:*:*:*
ipswitchimail8.13cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*
ipswitchimail_server*cpe:2.3:a:ipswitch:imail_server:*:*:*:*:*:*:*:*
ipswitchipswitch_collaboration_suite*cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ipswitch	imail	8.12	cpe:2.3:a:ipswitch:imail:8.12:::::::*
ipswitch	imail	8.13	cpe:2.3:a:ipswitch:imail:8.13:::::::*
ipswitch	imail_server	*	cpe:2.3:a:ipswitch:imail_server::::::::
ipswitch	ipswitch_collaboration_suite	*	cpe:2.3:a:ipswitch:ipswitch_collaboration_suite::::::::