CVE-2005-3526 - Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote

CVE-2005-3526

Summary

Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command.

References

Vulnerable Configurations

cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02_premium:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02_premium:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02_standard:*:*:*:*:*:*:*
cpe:2.3:a:ipswitch:ipswitch_collaboration_suite:2006.02_standard:*:*:*:*:*:*:*

CVSS

Base:	6.5 (as of 19-10-2018 - 15:36)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

bid	17063
bugtraq	20060313 ZDI-06-003: Ipswitch Collaboration Suite Code Execution Vulnerability
confirm	http://www.ipswitch.com/support/ics/updates/ics200603prem.asp
misc	http://www.zerodayinitiative.com/advisories/ZDI-06-003.html
osvdb	23796
sectrack	1015759
secunia	19168
sreason	577
vupen	ADV-2006-0907
xf	ipswitch-imap-fetch-bo(25133)

saint via4

bid	17063
description	IMail IMAP FETCH command buffer overflow
id	mail_imap_imail
osvdb	23796
title	imail_imap_fetch
type	remote

Last major update

19-10-2018 - 15:36

Published

31-12-2005 - 05:00

Last modified

19-10-2018 - 15:36