CVE-2011-1430

{"id": "CVE-2011-1430", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-03-16T22:55:04.747", "references": [{"url": "http://secunia.com/advisories/43676", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/555316", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/MAPG-8DBRD4", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/71020", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/46767", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0609", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411."}, {"lang": "es", "value": "La implementaci\u00f3n del servidor Ipswitch IMail v11.03 no restringe el b\u00fafer I/O de forma adecuada, lo que permite a los atacantes \"man-in-the-middle insertar comandos en las sesiones SMTP cifrado mediante el env\u00edo de un comando de texto plano que se procesa despu\u00e9s de que TLS est\u00e1 en su lugar, relacionado con un ataque \"inyecci\u00f3n de de comando en texto claro\", un problema similar a CVE -2011- 0411."}], "lastModified": "2017-08-17T01:34:08.650", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ipswitch:imail:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60AE67A3-2B6C-4875-8832-D90BA925C5F9"}, {"criteria": "cpe:2.3:a:ipswitch:imail:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "520F39EA-860F-407A-9BCE-ABD565B57FE8", "versionEndIncluding": "11.03"}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFEFE5A5-6589-4316-9C9F-2F8109696158"}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB3992E3-D0C8-4A48-B4E1-D31B0D79CEE0"}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65248233-61A3-4085-8808-6FC2FD87EAF6"}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B37214DE-41E8-4DD4-AFBF-E608B88D6EAD"}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E11FF5E-9B3D-4818-B091-1286ECF47937"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A81DF07-7B75-4590-861C-F0FBC81E86AD"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EADF489-0420-4C47-9F73-78114C2042F3"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58084475-62DE-482E-B34B-A09EBC190C84"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56F7C097-B6D9-4C10-BDCD-245E5D387ADA"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "838CCBFF-1CD5-4B9F-8EA3-97A097F7E69F"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A50719E9-10F0-4FA4-9ADF-771D8995BCBC"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A965D10-F783-423B-BD70-AB11725D0172"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B6613A7-3338-451F-876E-C544CCE2C066"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAEA8FB7-3D42-4A39-BCCD-2DE3BC3EAC19"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12658962-53E6-49EB-83EF-04A1B5D693B3"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DA61FCA-BA3C-4014-9C4B-4D4ED65AB07A"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0BC7230-2A64-43CE-B041-22F2E4A559A9"}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "547B2777-4C96-4C1B-8625-AABC287EFB26"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5700938-EE34-4A16-BE98-74EAA4A48249"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCF543E9-F893-4086-BD97-ECB43EEF26BC"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3818F47-0A00-4984-857D-DBF87DDB71B4"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84CE3C80-C0D3-4F7C-BF12-10111281DC3D"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1E2D897-B37B-43E1-96D9-9BF7A5AFC842"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4098FA6A-356C-4AA5-B948-AAD642354F7B"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7920844-DD87-47EF-B3CF-DA2DE04FC7F3"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "606E35DC-DF69-4A95-9116-111D3AF28EA9"}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C108EAB-1EDC-458C-A7F8-0B3599E66466"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3138FF2C-2D8A-4270-9A55-85FCA3622DD9"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A1F768F-1974-4612-BED3-A608CFCC019F"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "785BD23E-DE6D-4ABA-AFDD-2FEA03E6DA73"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DD7A8A7-26C3-4D45-BD9C-7AAF1DC19677"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CA687C5-0C95-4EE5-ABE8-856A90AD7197"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2802265F-2CFD-4AB4-84BF-EAD5E0CA5366"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "443C3EE1-1C98-40F6-93DD-F60BD0C46C2F"}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6050F2A0-EF11-4220-8347-53F168106442"}, {"criteria": "cpe:2.3:a:ipswitch:imail:10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9C6C863-5810-406B-82A8-487C9479B166"}, {"criteria": "cpe:2.3:a:ipswitch:imail:10.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "956A70D0-74D3-4369-8D79-DC2EE639D741"}, {"criteria": "cpe:2.3:a:ipswitch:imail:10.02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2547A872-0A78-4758-893B-7A39FE81CC78"}, {"criteria": "cpe:2.3:a:ipswitch:imail:11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "587EE83C-5CEF-4F00-BD7B-6D7E2043E110"}, {"criteria": "cpe:2.3:a:ipswitch:imail:11.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F3A18DC-AC16-4640-B4D5-6D000E00FE06"}, {"criteria": "cpe:2.3:a:ipswitch:imail:11.02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "335520C7-C0AC-4D89-B3D4-9827772212CB"}, {"criteria": "cpe:2.3:a:ipswitch:imail:2006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81B286D0-4168-41FF-AC1F-4E65C3AD7DC0"}, {"criteria": "cpe:2.3:a:ipswitch:imail:2006.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A64E19D5-12B3-4DE9-B282-9BA2F36294D3"}, {"criteria": "cpe:2.3:a:ipswitch:imail:2006.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F61C3F0D-D442-4EC9-AC6C-89305AAE61A3"}, {"criteria": "cpe:2.3:a:ipswitch:imail:server_8.2_hotfix_2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE282FD7-D9D8-424C-AD7D-42E6C8C7760B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}