Vulnerability Report

CVE-2005-1255

RCE

Title: Ipswitch Collaboration Suite IMAP server multiple stack-based buffer overflows RCE

RCE, Buffer Overflow

Proof Of Concept

PoC Available for CVE-2005-1255

CWE Category NVD-CWE-noinfo
Published Date May 25, 2005
Modified Date Apr 03, 2025
Exploit Status Available
Score 10.0 CVSS v2.0
Exploit Probability (EPSS)
16.79%

Vulnerability Summary

CVE-2005-1255: Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character.

Impacted Vendors

I
ipswitch 3

Reference Links

http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727 http://securitytracker.com/id?1014047 http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html http://www.securityfocus.com/bid/13727
CVSS v2.0
Source Entity [email protected]
Severity HIGH
10.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2005-1255 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/1124
View Code
Exploit-DB https://www.exploit-db.com/exploits/3627
View Code
Exploit-DB https://www.exploit-db.com/exploits/1035
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.