This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ipswitch First view 2006-09-08
Product Imail Plus Last view 2007-03-23
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:ipswitch:imail_plus:2006:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
9.3 2007-03-23 CVE-2007-1637

Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control.
7.5 2006-09-08 CVE-2006-4379

Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.

SAINT Exploits

Description Link
IMail SMTP RCPT TO buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

id Description
33648 Ipswitch IMail Server/Collaboration Suite IMailAPI.dll Multiple Remote Overflows
28576 Ipswitch IMail Server SMTP Service Crafted RCPT String Remote Overflow

Snort® IPS/IDS

Date Description
2014-01-10 Ipswitch IMail RCPT TO proxy overflow attempt
RuleID : 18317 - Type : SERVER-MAIL - Revision : 7

Nessus® Vulnerability Scanner

id Description
2007-03-07 Name: The remote mail server is affected by multiple buffer overflow vulnerabilities.
File: ipswitch_imail_2006_2.nasl - Type: ACT_GATHER_INFO
2006-09-08 Name: The remote SMTP server is affected by a buffer overflow vulnerability.
File: ipswitch_imail_2006.1.nasl - Type: ACT_GATHER_INFO