CVE-2005-1252
https://notcve.org/view.php?id=CVE-2005-1252
Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in the query string argument in a GET request to a non-existent .jsp file. • http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=242&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 •
CVE-2005-1255 – IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution
https://notcve.org/view.php?id=CVE-2005-1255
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character. • https://www.exploit-db.com/exploits/1124 https://www.exploit-db.com/exploits/3627 https://www.exploit-db.com/exploits/1035 http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 •