Ipswitch IMail Server 11.x / 12.x < 12.3 Information Disclosure

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.

Synopsis :

The remote mail server is affected by an information disclosure

Description :

The remote host appears to be running Ipswitch IMail Server 11.x or
12.x older than version 12.3 and is, therefore, affected by an
information disclosure vulnerability due to the included OpenSSL

An error exists related to the SSL/TLS/DTLS protocols, CBC mode
encryption and response time. An attacker could obtain plaintext
contents of encrypted traffic via timing attacks.

See also :


Solution :

Upgrade to Ipswitch IMail Server version 12.3 or later.

Risk factor :

Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.5
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 76489 ()

Bugtraq ID: 57778

CVE ID: CVE-2013-0169

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now