Lucene search

MitreCVE-2008-3606

HistoryAug 12, 2008 - 7:41 p.m.

CVE-2008-3606

2008-08-1219:41:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-3606

heap-based

buffer overflow

imap

qbik wingate

denial of service

remote code execution

nvd

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.075

Percentile

94.2%

JSON

Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

qbikwingateRange≤6.2.2

qbikwingateMatch2.0

qbikwingateMatch2.1

qbikwingateMatch3.0

qbikwingateMatch3.0.5

qbikwingateMatch4.0.1

qbikwingateMatch4.1beta_a

qbikwingateMatch4.1.0

qbikwingateMatch4.1.1

qbikwingateMatch4.2.0

qbikwingateMatch4.3.0

qbikwingateMatch4.3.0beta_a

qbikwingateMatch4.3.0beta_b

qbikwingateMatch4.4.0

qbikwingateMatch4.4.0beta_a

qbikwingateMatch4.4.1

qbikwingateMatch4.4.2

qbikwingateMatch4.5.0beta_a

qbikwingateMatch4.5.0beta_b

qbikwingateMatch4.5.1

qbikwingateMatch4.5.2

qbikwingateMatch5.0

qbikwingateMatch5.0.0

qbikwingateMatch5.0.1

qbikwingateMatch5.0.1.766

qbikwingateMatch5.0.5

qbikwingateMatch5.1

qbikwingateMatch5.2

qbikwingateMatch5.2.2

qbikwingateMatch5.2.3

qbikwingateMatch6.0

qbikwingateMatch6.0.0.984

qbikwingateMatch6.0.1.993

qbikwingateMatch6.0.1.995

qbikwingateMatch6.0.2.1000

qbikwingateMatch6.0.2.1001

qbikwingateMatch6.0.3.1005

qbikwingateMatch6.0.4.1025

qbikwingateMatch6.1.1.1077

qbikwingateMatch6.1.2.1094

qbikwingateMatch6.1.3.1096

qbikwingateMatch6.1.4

qbikwingateMatch6.2.1

qbikwingateMatch6.2.2.1137

VendorProductVersionCPE
qbikwingate*cpe:2.3:a:qbik:wingate:*:*:*:*:*:*:*:*
qbikwingate2.0cpe:2.3:a:qbik:wingate:2.0:*:*:*:*:*:*:*
qbikwingate2.1cpe:2.3:a:qbik:wingate:2.1:*:*:*:*:*:*:*
qbikwingate3.0cpe:2.3:a:qbik:wingate:3.0:*:*:*:*:*:*:*
qbikwingate3.0.5cpe:2.3:a:qbik:wingate:3.0.5:*:*:*:*:*:*:*
qbikwingate4.0.1cpe:2.3:a:qbik:wingate:4.0.1:*:*:*:*:*:*:*
qbikwingate4.1cpe:2.3:a:qbik:wingate:4.1:beta_a:*:*:*:*:*:*
qbikwingate4.1.0cpe:2.3:a:qbik:wingate:4.1.0:*:*:*:*:*:*:*
qbikwingate4.1.1cpe:2.3:a:qbik:wingate:4.1.1:*:*:*:*:*:*:*
qbikwingate4.2.0cpe:2.3:a:qbik:wingate:4.2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
qbik	wingate	*	cpe:2.3:a:qbik:wingate::::::::
qbik	wingate	2.0	cpe:2.3:a:qbik:wingate:2.0:::::::*
qbik	wingate	2.1	cpe:2.3:a:qbik:wingate:2.1:::::::*
qbik	wingate	3.0	cpe:2.3:a:qbik:wingate:3.0:::::::*
qbik	wingate	3.0.5	cpe:2.3:a:qbik:wingate:3.0.5:::::::*
qbik	wingate	4.0.1	cpe:2.3:a:qbik:wingate:4.0.1:::::::*
qbik	wingate	4.1	cpe:2.3:a:qbik:wingate:4.1:beta_a::::::
qbik	wingate	4.1.0	cpe:2.3:a:qbik:wingate:4.1.0:::::::*
qbik	wingate	4.1.1	cpe:2.3:a:qbik:wingate:4.1.1:::::::*
qbik	wingate	4.2.0	cpe:2.3:a:qbik:wingate:4.2.0:::::::*

Rows per page:

1-10 of 441

References

secunia.com/advisories/31442

securityreason.com/securityalert/4146

www.securityfocus.com/archive/1/495264/100/0/threaded

www.securityfocus.com/bid/30606

www.securitytracker.com/id?1020644

exchange.xforce.ibmcloud.com/vulnerabilities/44370

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.075

Percentile

94.2%

JSON

Related for CVE-2008-3606