Ipswitch IM Server < 2.07 Multiple Function Remote DoS

Medium Nessus Plugin ID 25762


The remote Windows host contains an application that is affected by a denial of service vulnerability.


Ipswitch Instant Messaging Server, a secure, instant messaging product targeted at businesses, is installed on the remote Windows host.

The version of Instant Messaging Server on the remote host reportedly allows an unauthenticated attacker to overwrite a destructor and crash the application when it attempts to process malicious traffic in the 'DoAttachVideoSender', 'DoAttachVideoReceiver', 'DoAttachAudioSender', or 'DoAttachAudioReceiver' functions.


Upgrade to version 2.07 of the IM Server.

See Also




Plugin Details

Severity: Medium

ID: 25762

File Name: ipswitch_imserver_207.nasl

Version: $Revision: 1.18 $

Type: local

Agent: windows

Family: Windows

Published: 2007/07/25

Modified: 2016/05/16

Dependencies: 13855, 10456

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ipswitch:imserver, cpe:/a:ipswitch:ipswitch_collaboration_suite

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2007/07/24

Reference Information

CVE: CVE-2007-3959

BID: 25031

OSVDB: 36223