← Back

Ipswitch

ipswitch

109 CVEs • 26 products

Products (26)

Click to collapse
Toggle
Imail
imail
38 CVEs
Ws Ftp Server
ws_ftp_server
13 CVEs
Ipswitch Collaboration Suite
ipswitch_collaboration_suite
13 CVEs
Imail Server
imail_server
12 CVEs
Ws Ftp
ws_ftp
8 CVEs
Whatsup Professional
whatsup_professional
7 CVEs
Ws Ftp Pro
ws_ftp_pro
6 CVEs
Moveit Dmz
moveit_dmz
5 CVEs
Whatsup
whatsup
3 CVEs
Imserver
imserver
3 CVEs
Instant Messaging
instant_messaging
3 CVEs
Moveit Mobile
moveit_mobile
3 CVEs
Moveit Transfer
moveit_transfer
3 CVEs
Imail Plus
imail_plus
2 CVEs
Ws Ftp Home
ws_ftp_home
2 CVEs
Wincom Lpd
wincom_lpd
1 CVE
Whatsup Gold
whatsup_gold
1 CVE
Imail Express
imail_express
1 CVE
Whatsup Small Business
whatsup_small_business
1 CVE
Ipswitch Secure Server
ipswitch_secure_server
1 CVE
Imail Secure Server
imail_secure_server
1 CVE
Imail Premium
imail_premium
1 CVE
Imail Client
imail_client
1 CVE
Tftp Server
tftp_server
1 CVE
Moveit Transfer 2017
moveit_transfer_2017
1 CVE
Moveit
moveit
1 CVE

CVEs (109)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2003-0772
2Ipswitch
Progress
2Ws Ftp Server
Ws Ftp Server
Apr 16, 2026
Sep 22, 2003
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.
CVE-2002-1851
1Ipswitch
1Ws Ftp Pro
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unknown attack vectors.
CVE-2002-1077
1Ipswitch
1Imail
Apr 16, 2026
Oct 4, 2002
N/A· v4
N/A· v3
5.0 MEDIUM· v2
IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field.
CVE-2002-1076
1Ipswitch
1Imail
Apr 16, 2026
Oct 4, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
CVE-2002-0777
1Ipswitch
1Imail
Apr 16, 2026
Aug 12, 2002
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.
CVE-2001-1211
1Ipswitch
1Imail
Apr 16, 2026
Dec 31, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm...Show more
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.Show less
CVE-2001-1287
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2001-1286
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under t...Show more
Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control.Show less
CVE-2001-1285
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter.
CVE-2001-1284
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users.
CVE-2001-1283
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs...Show more
The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code.Show less
CVE-2001-1282
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information.
CVE-2001-1281
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form.
CVE-2001-1280
1Ipswitch
1Imail
Apr 16, 2026
Oct 12, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system.
CVE-2001-0494
1Ipswitch
1Imail
Apr 16, 2026
Jun 27, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header.
CVE-2001-0039
1Ipswitch
1Imail
Apr 16, 2026
Feb 16, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes.
CVE-2000-0839
1Ipswitch
1Wincom Lpd
Apr 16, 2026
Nov 14, 2000
N/A· v4
N/A· v3
5.0 MEDIUM· v2
WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515).
CVE-2000-0825
1Ipswitch
1Imail
Apr 16, 2026
Nov 14, 2000
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash.
CVE-2000-0780
1Ipswitch
1Imail
Apr 16, 2026
Oct 20, 2000
N/A· v4
N/A· v3
6.4 MEDIUM· v2
The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack.
CVE-2000-0301
1Ipswitch
1Imail
Apr 16, 2026
Apr 6, 2000
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command.