Sign-up

ID

VAR-201002-0312


TITLE

Ipswitch IMail Server Local Privilege Escalation Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2010-0213

DESCRIPTION

Ipswitch IMail Server is a mail server bundled in the Ipswitch collaboration component. By default, IMail allows the Internet Guest account to access the following registry keys and their subkeys and values with Full Control privileges: HKEY_LOCAL_MACHINE\\SOFTWARE\\Ipswitch\\IMail. In addition, the password decryption algorithm implemented in IMail's IMailsec.dll library is reversible. Local users can find the Password string under HKEY_LOCAL_MACHINE\\SOFTWARE\\Ipswitch\\IMail\\Domains\\[domain name]\\Users and then crack the encrypted password. Ipswitch IMail Server is prone to multiple local privilege-escalation vulnerabilities. Local attackers may exploit these issues to gain elevated privileges, which may lead to a complete compromise of an affected computer. IMail Server 11.01 is affected; other versions may also be vulnerable

Trust: 0.81

sources: CNVD: CNVD-2010-0213 // BID: 38109

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-0213

AFFECTED PRODUCTS

vendor:ipswitchmodel:imailscope:eqversion:11.01

Trust: 0.6

vendor:ipswitchmodel:imail serverscope:eqversion:11.01

Trust: 0.3

sources: CNVD: CNVD-2010-0213 // BID: 38109

THREAT TYPE

local

Trust: 0.3

sources: BID: 38109

TYPE

Unknown

Trust: 0.3

sources: BID: 38109

EXTERNAL IDS

db:BIDid:38109

Trust: 0.9

db:CNVDid:CNVD-2010-0213

Trust: 0.6

sources: CNVD: CNVD-2010-0213 // BID: 38109

REFERENCES

url:http://marc.info/?l=full-disclosure

Trust: 0.6

url:http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0076.html

Trust: 0.3

url:http://www.ipswitch.com/products/imail_server/index.html

Trust: 0.3

sources: CNVD: CNVD-2010-0213 // BID: 38109

CREDITS

sinn3r

Trust: 0.3

sources: BID: 38109

SOURCES

db:CNVDid:CNVD-2010-0213
db:BIDid:38109

LAST UPDATE DATE

2022-05-17T01:53:42.287000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2010-0213date:2010-02-05T00:00:00
db:BIDid:38109date:2010-02-04T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2010-0213date:2010-02-05T00:00:00
db:BIDid:38109date:2010-02-04T00:00:00