Ipswitch CVE 脆弱性と CVE 一覧(109)

製品(CPE): — CVE 件数: 109

Ipswitch 脆弱性概要

Ipswitch 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主に vendor risk sql injection and vendor risk input validation などに関し、一部は アプリケーションクラッシュ を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 6180 / 109 CVE 件数
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2005-2931 Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands. [email protected] 7.5 4.74% 2005-12-06 2026-06-16
CVE-2005-2923 The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory. [email protected] 4.0 10.82% 2005-12-06 2026-06-16
CVE-2005-2160 IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information. [email protected] 7.5 1.96% 2005-07-06 2026-06-16
CVE-2005-1250 SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the (1) User Name field (sUserName parameter) or (2) Password (sPassword parameter). [email protected] 7.5 20.86% 2005-06-22 2026-06-16
CVE-2005-1256 Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name. [email protected] 10.0 58.90% 2005-05-25 2026-06-16
CVE-2005-1255 Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character. [email protected] 10.0 42.81% 2005-05-25 2026-06-16
CVE-2005-1254 Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (crash) via a SELECT command with a large argument. [email protected] 5.0 5.07% 2005-05-25 2026-06-16
CVE-2005-1252 Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in the query string argument in a GET request to a non-existent .jsp file. [email protected] 5.0 12.50% 2005-05-25 2026-06-16
CVE-2005-1249 The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop. [email protected] 5.0 4.52% 2005-05-25 2026-06-16
CVE-2005-0707 Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. [email protected] 7.2 2.03% 2005-05-02 2026-06-16
CVE-1999-1557 Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password. [email protected] 5.0 8.44% 2005-05-02 2026-06-16
CVE-2004-1135 Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands. [email protected] 5.0 49.64% 2005-01-10 2026-06-16
CVE-2004-2423 Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content." [email protected] 5.0 4.89% 2004-12-31 2026-06-16
CVE-2004-2422 Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. [email protected] 5.0 7.09% 2004-12-31 2026-06-16
CVE-2004-2401 Stack-based buffer overflow in Ipswitch IMail Express Web Messaging before 8.05 might allow remote attackers to execute arbitrary code via an HTML message with long "tag text." [email protected] 7.5 3.53% 2004-12-31 2026-06-16
CVE-2004-1848 Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file. [email protected] 5.0 8.09% 2004-12-31 2026-06-16
CVE-2004-1520 Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. [email protected] 4.6 88.51% 2004-12-31 2026-06-16
CVE-2004-0297 Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. [email protected] 10.0 68.13% 2004-11-23 2026-06-16
CVE-2004-0799 The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm". [email protected] 5.0 6.20% 2004-10-20 2026-06-16
CVE-2004-1884 Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access. [email protected] 7.5 5.80% 2004-03-23 2026-06-16
cvelogic Threat Intelligence