{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-03T00:00:00", "descriptions": [{"lang": "en", "value": "The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8DBRD4"}, {"name": "multiple-starttls-command-execution(65932)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"}, {"name": "71020", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/71020"}, {"name": "43676", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43676"}, {"name": "46767", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46767"}, {"name": "VU#555316", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/555316"}, {"name": "ADV-2011-0609", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0609"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-1430", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.kb.cert.org/vuls/id/MAPG-8DBRD4", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-8DBRD4"}, {"name": "multiple-starttls-command-execution(65932)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"}, {"name": "71020", "refsource": "OSVDB", "url": "http://www.osvdb.org/71020"}, {"name": "43676", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43676"}, {"name": "46767", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46767"}, {"name": "VU#555316", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/555316"}, {"name": "ADV-2011-0609", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0609"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:28:41.210Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8DBRD4"}, {"name": "multiple-starttls-command-execution(65932)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"}, {"name": "71020", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/71020"}, {"name": "43676", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43676"}, {"name": "46767", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46767"}, {"name": "VU#555316", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/555316"}, {"name": "ADV-2011-0609", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0609"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-1430", "datePublished": "2011-03-16T22:00:00", "dateReserved": "2011-03-16T00:00:00", "dateUpdated": "2024-08-06T22:28:41.210Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ipswitch:imail:*:*:*:*:*:*:*:*", "matchCriteriaId": "60AE67A3-2B6C-4875-8832-D90BA925C5F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:*:*:*:*:*:*:*:*", "matchCriteriaId": "520F39EA-860F-407A-9BCE-ABD565B57FE8", "versionEndIncluding": "11.03", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EFEFE5A5-6589-4316-9C9F-2F8109696158", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DB3992E3-D0C8-4A48-B4E1-D31B0D79CEE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "65248233-61A3-4085-8808-6FC2FD87EAF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B37214DE-41E8-4DD4-AFBF-E608B88D6EAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:5.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "6E11FF5E-9B3D-4818-B091-1286ECF47937", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.00:*:*:*:*:*:*:*", "matchCriteriaId": "0A81DF07-7B75-4590-861C-F0FBC81E86AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EADF489-0420-4C47-9F73-78114C2042F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "58084475-62DE-482E-B34B-A09EBC190C84", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "56F7C097-B6D9-4C10-BDCD-245E5D387ADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "838CCBFF-1CD5-4B9F-8EA3-97A097F7E69F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "A50719E9-10F0-4FA4-9ADF-771D8995BCBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "7A965D10-F783-423B-BD70-AB11725D0172", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "7B6613A7-3338-451F-876E-C544CCE2C066", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "EAEA8FB7-3D42-4A39-BCCD-2DE3BC3EAC19", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "12658962-53E6-49EB-83EF-04A1B5D693B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6DA61FCA-BA3C-4014-9C4B-4D4ED65AB07A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "D0BC7230-2A64-43CE-B041-22F2E4A559A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "547B2777-4C96-4C1B-8625-AABC287EFB26", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A5700938-EE34-4A16-BE98-74EAA4A48249", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CCF543E9-F893-4086-BD97-ECB43EEF26BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F3818F47-0A00-4984-857D-DBF87DDB71B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "84CE3C80-C0D3-4F7C-BF12-10111281DC3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B1E2D897-B37B-43E1-96D9-9BF7A5AFC842", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "4098FA6A-356C-4AA5-B948-AAD642354F7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "A7920844-DD87-47EF-B3CF-DA2DE04FC7F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "606E35DC-DF69-4A95-9116-111D3AF28EA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:7.12:*:*:*:*:*:*:*", "matchCriteriaId": "3C108EAB-1EDC-458C-A7F8-0B3599E66466", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3138FF2C-2D8A-4270-9A55-85FCA3622DD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8A1F768F-1974-4612-BED3-A608CFCC019F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "785BD23E-DE6D-4ABA-AFDD-2FEA03E6DA73", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.01:*:*:*:*:*:*:*", "matchCriteriaId": "2DD7A8A7-26C3-4D45-BD9C-7AAF1DC19677", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.11:*:*:*:*:*:*:*", "matchCriteriaId": "7CA687C5-0C95-4EE5-ABE8-856A90AD7197", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.12:*:*:*:*:*:*:*", "matchCriteriaId": "2802265F-2CFD-4AB4-84BF-EAD5E0CA5366", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.13:*:*:*:*:*:*:*", "matchCriteriaId": "443C3EE1-1C98-40F6-93DD-F60BD0C46C2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:8.22:*:*:*:*:*:*:*", "matchCriteriaId": "6050F2A0-EF11-4220-8347-53F168106442", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:10:*:*:*:*:*:*:*", "matchCriteriaId": "E9C6C863-5810-406B-82A8-487C9479B166", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:10.01:*:*:*:*:*:*:*", "matchCriteriaId": "956A70D0-74D3-4369-8D79-DC2EE639D741", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:10.02:*:*:*:*:*:*:*", "matchCriteriaId": "2547A872-0A78-4758-893B-7A39FE81CC78", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:11:*:*:*:*:*:*:*", "matchCriteriaId": "587EE83C-5CEF-4F00-BD7B-6D7E2043E110", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:11.01:*:*:*:*:*:*:*", "matchCriteriaId": "8F3A18DC-AC16-4640-B4D5-6D000E00FE06", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:11.02:*:*:*:*:*:*:*", "matchCriteriaId": "335520C7-C0AC-4D89-B3D4-9827772212CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:2006:*:*:*:*:*:*:*", "matchCriteriaId": "81B286D0-4168-41FF-AC1F-4E65C3AD7DC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:2006.1:*:*:*:*:*:*:*", "matchCriteriaId": "A64E19D5-12B3-4DE9-B282-9BA2F36294D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:2006.2:*:*:*:*:*:*:*", "matchCriteriaId": "F61C3F0D-D442-4EC9-AC6C-89305AAE61A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ipswitch:imail:server_8.2_hotfix_2:*:*:*:*:*:*:*", "matchCriteriaId": "AE282FD7-D9D8-424C-AD7D-42E6C8C7760B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411."}, {"lang": "es", "value": "La implementaci\u00f3n del servidor Ipswitch IMail v11.03 no restringe el b\u00fafer I/O de forma adecuada, lo que permite a los atacantes \"man-in-the-middle insertar comandos en las sesiones SMTP cifrado mediante el env\u00edo de un comando de texto plano que se procesa despu\u00e9s de que TLS est\u00e1 en su lugar, relacionado con un ataque \"inyecci\u00f3n de de comando en texto claro\", un problema similar a CVE -2011- 0411."}], "id": "CVE-2011-1430", "lastModified": "2017-08-17T01:34:08.650", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-03-16T22:55:04.747", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43676"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/555316"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8DBRD4"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/71020"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/46767"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0609"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}