CVE-2011-1430

Current Description

The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

Basic Data

Published: March 16, 2011
Last Modified: August 17, 2017
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-20
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 6.8
Severity: MEDIUM
Exploitability Score: 8.6
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    For every entry below the Update, Edition, Language, SW Edition, Target SW, Target HW and Other fields are "*" (any), and the Version Start Including, Version Start Excluding and Version End Excluding fields are empty; "-" marks an empty cell.

    Cpe Version  Part         Vendor    Product  Version              Version End Including
    2.3          Application  Ipswitch  Imail    *                    -
    2.3          Application  Ipswitch  Imail    5.0                  -
    2.3          Application  Ipswitch  Imail    5.0.5                -
    2.3          Application  Ipswitch  Imail    5.0.6                -
    2.3          Application  Ipswitch  Imail    5.0.7                -
    2.3          Application  Ipswitch  Imail    5.0.8                -
    2.3          Application  Ipswitch  Imail    6.0                  -
    2.3          Application  Ipswitch  Imail    6.00                 -
    2.3          Application  Ipswitch  Imail    6.0.1                -
    2.3          Application  Ipswitch  Imail    6.0.2                -
    2.3          Application  Ipswitch  Imail    6.0.3                -
    2.3          Application  Ipswitch  Imail    6.0.4                -
    2.3          Application  Ipswitch  Imail    6.0.5                -
    2.3          Application  Ipswitch  Imail    6.0.6                -
    2.3          Application  Ipswitch  Imail    6.1                  -
    2.3          Application  Ipswitch  Imail    6.2                  -
    2.3          Application  Ipswitch  Imail    6.3                  -
    2.3          Application  Ipswitch  Imail    6.4                  -
    2.3          Application  Ipswitch  Imail    6.06                 -
    2.3          Application  Ipswitch  Imail    7.0.1                -
    2.3          Application  Ipswitch  Imail    7.0.2                -
    2.3          Application  Ipswitch  Imail    7.0.3                -
    2.3          Application  Ipswitch  Imail    7.0.4                -
    2.3          Application  Ipswitch  Imail    7.0.5                -
    2.3          Application  Ipswitch  Imail    7.0.6                -
    2.3          Application  Ipswitch  Imail    7.0.7                -
    2.3          Application  Ipswitch  Imail    7.1                  -
    2.3          Application  Ipswitch  Imail    7.12                 -
    2.3          Application  Ipswitch  Imail    8.0.3                -
    2.3          Application  Ipswitch  Imail    8.0.5                -
    2.3          Application  Ipswitch  Imail    8.01                 -
    2.3          Application  Ipswitch  Imail    8.1                  -
    2.3          Application  Ipswitch  Imail    8.11                 -
    2.3          Application  Ipswitch  Imail    8.12                 -
    2.3          Application  Ipswitch  Imail    8.13                 -
    2.3          Application  Ipswitch  Imail    8.22                 -
    2.3          Application  Ipswitch  Imail    10                   -
    2.3          Application  Ipswitch  Imail    10.01                -
    2.3          Application  Ipswitch  Imail    10.02                -
    2.3          Application  Ipswitch  Imail    11                   -
    2.3          Application  Ipswitch  Imail    11.01                -
    2.3          Application  Ipswitch  Imail    11.02                -
    2.3          Application  Ipswitch  Imail    *                    11.03
    2.3          Application  Ipswitch  Imail    2006                 -
    2.3          Application  Ipswitch  Imail    2006.1               -
    2.3          Application  Ipswitch  Imail    2006.2               -
    2.3          Application  Ipswitch  Imail    server_8.2_hotfix_2  -

Vulnerable Software List

Vendor: Ipswitch
Product: Imail
Versions: *, 10, 10.01, 10.02, 11, 11.01, 11.02, 2006, 2006.1, 2006.2, 5.0, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.00, 6.06, 6.1, 6.2, 6.3, 6.4, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.1, 7.12, 8.0.3, 8.0.5, 8.01, 8.1, 8.11, 8.12, 8.13, 8.22, server_8.2_hotfix_2

References

Name: 43676
  URL: http://secunia.com/advisories/43676
  Source: SECUNIA
  Tags: Vendor Advisory

Name: VU#555316
  URL: http://www.kb.cert.org/vuls/id/555316
  Source: CERT-VN
  Tags: US Government Resource

Name: http://www.kb.cert.org/vuls/id/MAPG-8DBRD4
  URL: http://www.kb.cert.org/vuls/id/MAPG-8DBRD4
  Source: CONFIRM
  Tags: US Government Resource

Name: 71020
  URL: http://www.osvdb.org/71020
  Source: OSVDB
  Tags: (none)

Name: 46767
  URL: http://www.securityfocus.com/bid/46767
  Source: BID
  Tags: (none)

Name: ADV-2011-0609
  URL: http://www.vupen.com/english/advisories/2011/0609
  Source: VUPEN
  Tags: Vendor Advisory

Name: multiple-starttls-command-execution(65932)
  URL: https://exchange.xforce.ibmcloud.com/vulnerabilities/65932
  Source: XF
  Tags: (none)