Page 7 of 49 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3428 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0076.html http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3424 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://online.securityfocus.com/archive/1/261096 http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3432 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3426 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0082.html http://www.ipswitch.com/Support/IMail/news.html http://www.securityfocus.com/bid/3432 •