CVE-2002-1076: Buffer Overflow
First published: Fri Oct 04 2002(Updated: )
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ipswitch IMail | =6.1 | |
| Ipswitch IMail | =6.2 | |
| Ipswitch IMail | =6.3 | |
| Ipswitch IMail | =6.4 | |
| Ipswitch IMail | =7.0.1 | |
| Ipswitch IMail | =7.0.2 | |
| Ipswitch IMail | =7.0.3 | |
| Ipswitch IMail | =7.0.4 | |
| Ipswitch IMail | =7.0.5 | |
| Ipswitch IMail | =7.0.6 | |
| Ipswitch IMail | =7.0.7 | |
| Ipswitch IMail | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/5323
- http://www.iss.net/security_center/static/9679.php
- http://support.ipswitch.com/kb/IM-20020731-DM02.htm
- http://support.ipswitch.com/kb/IM-20020729-DM01.htm
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0326.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0363.html
- http://archives.neohapsis.com/archives/bugtraq/2002-07/0368.html
Frequently Asked Questions
What vulnerabilities are associated with CVE-2002-1076?
CVE-2002-1076 is associated with a buffer overflow in the Web Messaging daemon for Ipswitch IMail that allows remote code execution.
How severe is CVE-2002-1076?
CVE-2002-1076 has been assigned a high severity level due to its potential to allow remote attackers to execute arbitrary code.
Which versions of Ipswitch IMail are affected by CVE-2002-1076?
Versions of Ipswitch IMail prior to 7.12, including 6.1 through 7.1, are affected by CVE-2002-1076.
How can I fix the vulnerability CVE-2002-1076?
To fix CVE-2002-1076, upgrade your Ipswitch IMail server to version 7.12 or later.
What type of attacks can exploit CVE-2002-1076?
CVE-2002-1076 can be exploited through long HTTP GET requests targeting the Web Messaging daemon.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- agent/author
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/ipswitch
- canonical/ipswitch imail
- version/ipswitch imail/6.1
- version/ipswitch imail/6.2
- version/ipswitch imail/6.3
- version/ipswitch imail/6.4
- version/ipswitch imail/7.0.1
- version/ipswitch imail/7.0.2
- version/ipswitch imail/7.0.3
- version/ipswitch imail/7.0.4
- version/ipswitch imail/7.0.5
- version/ipswitch imail/7.0.6
- version/ipswitch imail/7.0.7
- version/ipswitch imail/7.1