Ipswitch: Security Vulnerabilities
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
CVSS Score
5.0
EPSS Score
0.011
Published
2000-01-05
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
CVSS Score
7.2
EPSS Score
0.002
Published
1999-12-21
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
CVSS Score
7.5
EPSS Score
0.01
Published
1999-07-29
IMail POP3 daemon uses weak encryption, which allows local users to read files.
CVSS Score
2.1
EPSS Score
0.0
Published
1999-03-04
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.
CVSS Score
5.0
EPSS Score
0.447
Published
1999-03-02
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181.
CVSS Score
10.0
EPSS Score
0.046
Published
1999-03-01
WS_FTP server remote denial of service through cwd command.
CVSS Score
5.0
EPSS Score
0.001
Published
1999-02-02
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVSS Score
4.6
EPSS Score
0.0
Published
1999-02-02
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVSS Score
4.6
EPSS Score
0.0
Published
1999-01-02
Page 11