Filtered by vendor Ipswitch
Subscriptions
Total
109 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2160 | 1 Ipswitch | 1 Imail | 2025-04-03 | 7.5 High |
| IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information. | ||||
| CVE-1999-1551 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. | ||||
| CVE-2001-0039 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. | ||||
| CVE-2001-1284 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users. | ||||
| CVE-2002-0777 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter. | ||||
| CVE-2002-1077 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. | ||||
| CVE-2002-1076 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. | ||||
| CVE-2004-1848 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2025-04-03 | N/A |
| Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file. | ||||
| CVE-2004-1884 | 2 Ipswitch, Progress | 3 Ws Ftp Pro, Ws Ftp Server, Ws Ftp Server | 2025-04-03 | N/A |
| Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access. | ||||
| CVE-2004-2422 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. | ||||
| CVE-2005-0707 | 1 Ipswitch | 1 Ipswitch Collaboration Suite | 2025-04-03 | N/A |
| Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15 Hotfix 1 allows remote authenticated users to execute arbitrary code via a long EXAMINE command. | ||||
| CVE-2006-3552 | 1 Ipswitch | 2 Ipswitch Collaboration Suite, Ipswitch Secure Server | 2025-04-03 | N/A |
| Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission. | ||||
| CVE-2005-1939 | 1 Ipswitch | 1 Whatsup Small Business | 2025-04-03 | N/A |
| Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in a request to the Report service (TCP 8022). | ||||
| CVE-2006-2352 | 1 Ipswitch | 1 Whatsup Professional | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2353 | 1 Ipswitch | 1 Whatsup Professional | 2025-04-03 | N/A |
| NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters. | ||||
| CVE-2006-2354 | 1 Ipswitch | 1 Whatsup Professional | 2025-04-03 | N/A |
| NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2355 | 1 Ipswitch | 1 Whatsup Professional | 2025-04-03 | N/A |
| Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote attackers to obtain full path information via 404 error messages. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2356 | 1 Ipswitch | 1 Whatsup Professional | 2025-04-03 | N/A |
| NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain sensitive information about network nodes via a modified nDeviceGroupID parameter. | ||||
| CVE-2006-2357 | 1 Ipswitch | 1 Whatsup Professional | 2025-04-03 | N/A |
| Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp. | ||||
| CVE-2006-2531 | 1 Ipswitch | 1 Whatsup | 2025-04-03 | N/A |
| Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote attackers to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header to "NmConsole". | ||||