| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long "message response." |
| Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name. |
| IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. |
| WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515). |
| Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. |
| Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. |
| IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. |
| Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unknown attack vectors. |
| Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments. |
| Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. |
| Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter. |
| Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. |
| Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. |
| Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. |
| The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. |
| Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. |
| WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. |
| Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. |
| Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. |
| Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. |
