CVSS: 9.0EPSS: 49%CPEs: 2EXPL: 1CVE-2007-2795 – Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-2795
19 Jul 2007 — Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon. Múltiple desbordamiento de búfer en Ipswitch IMail en versiones anteriores a 2006.21, permite a los atacantes remotos o usuarios autenticados ejecutar arbitrariamente código ... • https://www.exploit-db.com/exploits/9662 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2007-3823
https://notcve.org/view.php?id=CVE-2007-3823
17 Jul 2007 — The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp. The Logging Server (Logsrv.exe) en IPSwitch WS_FTP 7.5.29.0 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) enviando un paquete artesanal que contiene una cadena larga al puerto 5151/udp. • http://packetstormsecurity.org/0707-advisories/wsftp75290-dos.txt •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2007-2602
https://notcve.org/view.php?id=CVE-2007-2602
11 May 2007 — Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. Desbordamiento de búfer en el MIBEXTRA.EXE del Ipswitch WhatsUp Gold 11 permite a los atacantes provocar una denegación de servicio (caída de la ap... • http://osvdb.org/36217 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-2213
https://notcve.org/view.php?id=CVE-2007-2213
24 Apr 2007 — Unspecified vulnerability in the Initialize function in NetscapeFTPHandler in WS_FTP Home and Professional 2007 allows remote attackers to cause a denial of service (NULL dereference and application crash) via unspecified vectors related to "improper arguments." Vulnerabilidad no especificada en la función Initialize en NetscapeFTPHandler en WS_FTP Home y Professional 2007 permite a atacantes remotos provocar denegación de servicio (referencia NULL y caida de aplicación) a través de vectores no especificado... • http://www.securityfocus.com/archive/1/466576/100/0/threaded •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-1637
https://notcve.org/view.php?id=CVE-2007-1637
23 Mar 2007 — Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control. Múltiples desbordamientos de búfer en el control ActiveX IMAILAPILib (IMailAPI.dll) en Ipswitch IMail Server anterior a 2006.2 per... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0665
https://notcve.org/view.php?id=CVE-2007-0665
02 Feb 2007 — Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command. Vulnerabilidad de formato de cadena en el módulo SCP en Ipswitch WS_FTP 2007 Professional podría permitir a atacantes remotos ejecutar comandos de su elección a través de las especificaciones de formato de cadena en el nombre de ficheroo, relacionado con la secuencia de comandos ... • http://osvdb.org/33602 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0666
https://notcve.org/view.php?id=CVE-2007-0666
02 Feb 2007 — Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module. Ipswitch WS_FTP Server versión 5.04 permite a los administradores de sitios FTP ejecutar código arbitrario en el sistema por medio de una larga cadena de entrada para los archivos (1) iFTPAddU o (2) iFTPAddH, o (3) para el módulo edition. • http://osvdb.org/33646 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0330
https://notcve.org/view.php?id=CVE-2007-0330
18 Jan 2007 — Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors. Desbordamiento de búfer en wsbho2k0.dll, como ha sido utilizado en wsftpurl.exe, en Ipswitch WS_FTP 2007 Professional permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código... • http://osvdb.org/33476 •
CVSS: 7.5EPSS: 9%CPEs: 4EXPL: 0CVE-2006-5001
https://notcve.org/view.php?id=CVE-2006-5001
26 Sep 2006 — Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue. Vulnerabilidad no especificada en el analizador de log en WS_FTP Server 5.05 anterior a Hotfix 1, y posiblemente versiones anteriores a la 5.0, previene que cierta información se... • http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp •
CVSS: 9.8EPSS: 32%CPEs: 4EXPL: 0CVE-2006-5000 – Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-5000
26 Sep 2006 — Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue. Múltiples desbordamientos de búfer en WS_FTP Server 5.05 anterior a Hotfix 1, y posiblemente otras versiones anteriores a la 5.0, tienen impacto y vectores de ataque remotos autenticado... • http://securitytracker.com/id?1016935 •