Ipswitch IMail Server < 8.13 Multiple Remote DoS

medium Nessus Plugin ID 14684

Synopsis

The remote mail server is affected by multiple denial of service vulnerabilities.

Description

The remote host is running IMail web interface. This version contains multiple buffer overflows.

An attacker could use these flaws to remotely crash the service accepting requests from users, or possibly execute arbitrary code.

Solution

Upgrade to IMail 8.13 or laster, as this reportedly fixes the issue.

See Also

http://support.ipswitch.com/kb/IM-20040902-DM01.htm

Plugin Details

Severity: Medium

ID: 14684

File Name: ipswitch_IMail_bo.nasl

Version: 1.20

Type: remote

Agent: windows

Family: Windows

Published: 9/8/2004

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:ipswitch:imail

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 9/3/2004

Reference Information

CVE: CVE-2004-2422, CVE-2004-2423

BID: 11106