CVE-2008-2859

Current Description

Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."

Referenced by CVEs:CVE-2008-7182

Basic Data

PublishedJune 25, 2008
Last ModifiedAugust 08, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-noinfo
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationNetwinSurgemail3.8a*******
    2.3ApplicationNetwinSurgemail3.8b*******
    2.3ApplicationNetwinSurgemail3.8d*******
    2.3ApplicationNetwinSurgemail3.8f*******
    2.3ApplicationNetwinSurgemail3.8f2*******
    2.3ApplicationNetwinSurgemail3.8f3*******
    2.3ApplicationNetwinSurgemail3.8i*******
    2.3ApplicationNetwinSurgemail3.8i2*******
    2.3ApplicationNetwinSurgemail3.8i3*******
    2.3ApplicationNetwinSurgemail3.8k*******
    2.3ApplicationNetwinSurgemail3.8k2*******
    2.3ApplicationNetwinSurgemail3.8k3*******
    2.3ApplicationNetwinSurgemail3.8k4*******
    2.3ApplicationNetwinSurgemail3.8m*******
    2.3ApplicationNetwinSurgemail3.8o*******
    2.3ApplicationNetwinSurgemail3.8q*******
    2.3ApplicationNetwinSurgemail3.8s*******
    2.3ApplicationNetwinSurgemail3.8u*******
    2.3ApplicationNetwinSurgemail3.9a*******
    2.3ApplicationNetwinSurgemail3.9c*******
    2.3ApplicationNetwinSurgemail3.9e*******
    2.3ApplicationNetwinSurgemail********3.9g

Vulnerable Software List

VendorProductVersions
Netwin Surgemail *, 3.8a, 3.8b, 3.8d, 3.8f, 3.8f2, 3.8f3, 3.8i, 3.8i2, 3.8i3, 3.8k, 3.8k2, 3.8k3, 3.8k4, 3.8m, 3.8o, 3.8q, 3.8s, 3.8u, 3.9a, 3.9c, 3.9e

References

NameSourceURLTags
30739http://secunia.com/advisories/30739SECUNIAVendor Advisory
http://www.netwinsite.com/surgemail/help/updates.htmhttp://www.netwinsite.com/surgemail/help/updates.htmCONFIRM
29805http://www.securityfocus.com/bid/29805BID
1020335http://www.securitytracker.com/id?1020335SECTRACK
ADV-2008-1874http://www.vupen.com/english/advisories/2008/1874/referencesVUPEN
surgemail-imap-dos(43171)https://exchange.xforce.ibmcloud.com/vulnerabilities/43171XF