Details of VAR-200607-0437

ID

VAR-200607-0437

CVE

CVE-2006-3552

TITLE

Ipswitch IMail Secure Serverdat File junk file transfer vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200607-197

DESCRIPTION

Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission. Attackers use the server to transmit spam

Trust: 1.26

sources: NVD: CVE-2006-3552 // BID: 82226 // VULHUB: VHN-19660

AFFECTED PRODUCTS

vendor:	ipswitch	model:	secure server	scope:	eq	version:	2006_premium	Trust: 1.6
vendor:	ipswitch	model:	collaboration suite	scope:	eq	version:	2006_premium	Trust: 1.6
vendor:	ipswitch	model:	secure server premium	scope:	eq	version:	2006	Trust: 0.3
vendor:	ipswitch	model:	collaboration suite premium	scope:	eq	version:	2006	Trust: 0.3

sources: BID: 82226 // CNNVD: CNNVD-200607-197 // NVD: CVE-2006-3552

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-3552
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200607-197
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-19660
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-3552
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-19660
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-19660 // CNNVD: CNNVD-200607-197 // NVD: CVE-2006-3552

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3552

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200607-197

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200607-197

EXTERNAL IDS

db:	NVD	id:	CVE-2006-3552	Trust: 2.0
db:	SECTRACK	id:	1016419	Trust: 1.7
db:	SECTRACK	id:	1016420	Trust: 1.7
db:	VUPEN	id:	ADV-2006-2653	Trust: 1.7
db:	CNNVD	id:	CNNVD-200607-197	Trust: 0.7
db:	BID	id:	82226	Trust: 0.4
db:	VULHUB	id:	VHN-19660	Trust: 0.1

sources: VULHUB: VHN-19660 // BID: 82226 // CNNVD: CNNVD-200607-197 // NVD: CVE-2006-3552

REFERENCES

url:	http://ipswitch.com/support/ics/updates/security_advisory_20060630.asp	Trust: 2.0
url:	http://ipswitch.com/support/imail/releases/security_advisory_20060630.asp	Trust: 2.0
url:	http://securitytracker.com/id?1016419	Trust: 1.7
url:	http://securitytracker.com/id?1016420	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2006/2653	Trust: 1.1
url:	http://www.frsirt.com/english/advisories/2006/2653	Trust: 0.6

sources: VULHUB: VHN-19660 // BID: 82226 // CNNVD: CNNVD-200607-197 // NVD: CVE-2006-3552

CREDITS

Unknown

Trust: 0.3

sources: BID: 82226

SOURCES

db:	VULHUB	id:	VHN-19660
db:	BID	id:	82226
db:	CNNVD	id:	CNNVD-200607-197
db:	NVD	id:	CVE-2006-3552

LAST UPDATE DATE

2024-08-14T15:35:56.560000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-19660	date:	2011-03-08T00:00:00
db:	BID	id:	82226	date:	2006-07-12T00:00:00
db:	CNNVD	id:	CNNVD-200607-197	date:	2006-07-18T00:00:00
db:	NVD	id:	CVE-2006-3552	date:	2011-03-08T02:38:53.563

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-19660	date:	2006-07-13T00:00:00
db:	BID	id:	82226	date:	2006-07-12T00:00:00
db:	CNNVD	id:	CNNVD-200607-197	date:	2006-07-12T00:00:00
db:	NVD	id:	CVE-2006-3552	date:	2006-07-13T00:05:00