{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "3774", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3774"}, {"tags": ["x_refsource_MISC"], "url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07"}, {"name": "29105", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29105"}, {"name": "20080321 [INFIGO-2008-03-07]: Surgemail 38k4 IMAP server remote stack overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/489959/100/0/threaded"}, {"name": "28377", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28377"}, {"name": "surgemail-imap-lsub-bo(41402)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41402"}, {"tags": ["x_refsource_MISC"], "url": "http://www.netwinsite.com/surgemail/help/updates.htm"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1497", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "3774", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3774"}, {"name": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07", "refsource": "MISC", "url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07"}, {"name": "29105", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29105"}, {"name": "20080321 [INFIGO-2008-03-07]: Surgemail 38k4 IMAP server remote stack overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/489959/100/0/threaded"}, {"name": "28377", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28377"}, {"name": "surgemail-imap-lsub-bo(41402)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41402"}, {"name": "http://www.netwinsite.com/surgemail/help/updates.htm", "refsource": "MISC", "url": "http://www.netwinsite.com/surgemail/help/updates.htm"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:24:42.301Z"}, "title": "CVE Program Container", "references": [{"name": "3774", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3774"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07"}, {"name": "29105", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29105"}, {"name": "20080321 [INFIGO-2008-03-07]: Surgemail 38k4 IMAP server remote stack overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/489959/100/0/threaded"}, {"name": "28377", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28377"}, {"name": "surgemail-imap-lsub-bo(41402)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41402"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.netwinsite.com/surgemail/help/updates.htm"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1497", "datePublished": "2008-03-25T19:00:00", "dateReserved": "2008-03-25T00:00:00", "dateUpdated": "2024-08-07T08:24:42.301Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netwin:surgemail:1.8g3:*:*:*:*:*:*:*", "matchCriteriaId": "96563C20-642A-47EA-8A4B-1DE9C1DD7377", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:1.9b2:*:*:*:*:*:*:*", "matchCriteriaId": "AFAC85F6-EF7F-4051-AEC9-4FF21D77D1EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0a2:*:*:*:*:*:*:*", "matchCriteriaId": "90487000-A5DA-463B-82B2-5F83DBEC7154", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0c:*:*:*:*:*:*:*", "matchCriteriaId": "8B654A1F-01A3-4F18-A1E6-9D924BF34397", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0e:*:*:*:*:*:*:*", "matchCriteriaId": "4FDB3E97-547C-4531-81E9-B280E3DF39D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.0g2:*:*:*:*:*:*:*", "matchCriteriaId": "61DA6241-B456-4721-BAB7-A857FAA4B41B", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.1c7:*:*:*:*:*:*:*", "matchCriteriaId": "BBBC4664-D561-4DDD-AC69-003D498FE40B", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2a6:*:*:*:*:*:*:*", "matchCriteriaId": "7324F0F8-6F15-4966-9589-7BDF502DA287", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2c10:*:*:*:*:*:*:*", "matchCriteriaId": "FAF4BCCC-8284-4EB2-B38B-06283E584F2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2g2:*:*:*:*:*:*:*", "matchCriteriaId": "288E7531-50DA-4AE1-B152-F0FBE7CA88BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:2.2g3:*:*:*:*:*:*:*", "matchCriteriaId": "914D7AFB-007F-48C1-98C0-13B38F2C2D75", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.0a:*:*:*:*:*:*:*", "matchCriteriaId": "1ED629A5-B807-4856-AD71-DF5040463694", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.0c2:*:*:*:*:*:*:*", "matchCriteriaId": "5470DC1D-DBE4-4C03-B831-42533DF08D93", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.2e:*:*:*:*:*:*:*", "matchCriteriaId": "B4420781-D233-4C09-9979-B20BB476E635", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.5a:*:*:*:*:*:*:*", "matchCriteriaId": "8C4180CD-DCAC-42DB-8973-F8233F8B8EDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.5b3:*:*:*:*:*:*:*", "matchCriteriaId": "6BB3CEAB-41DD-447B-B36E-C5C5B9F1A2F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6d:*:*:*:*:*:*:*", "matchCriteriaId": "1CE7B0E5-E5A8-4F03-867A-8AE987D2254B", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6f3:*:*:*:*:*:*:*", "matchCriteriaId": "60B63ABA-5B8B-4EF2-A832-38F047904727", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6f5:*:*:*:*:*:*:*", "matchCriteriaId": "90D7306C-A95A-4DB8-A6F1-29B233FF9977", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.6f7:*:*:*:*:*:*:*", "matchCriteriaId": "234A98AA-6482-4889-B3A3-3D4EC1023371", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b:*:*:*:*:*:*:*", "matchCriteriaId": "063644A4-AD5B-4BD7-9B6C-ADA2C47562C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b3:*:*:*:*:*:*:*", "matchCriteriaId": "4CB85D71-332A-4B5F-8B48-57CE29461920", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b5:*:*:*:*:*:*:*", "matchCriteriaId": "0871CD5E-B0B7-4A80-924F-073227420136", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b6:*:*:*:*:*:*:*", "matchCriteriaId": "563791A9-A34B-4C2A-9F4F-F878654C5742", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b7:*:*:*:*:*:*:*", "matchCriteriaId": "5AAF682B-5815-4787-B288-F1CB47F1C986", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.7b8:*:*:*:*:*:*:*", "matchCriteriaId": "E4764A66-0284-4D85-9A8D-69CC9FCD53EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8a:*:*:*:*:*:*:*", "matchCriteriaId": "12FCF5D0-3E98-48E4-840C-5DD47A893AA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8b:*:*:*:*:*:*:*", "matchCriteriaId": "6B2E8CA7-DAF6-4C30-8ED1-9FA6D4A660D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8d:*:*:*:*:*:*:*", "matchCriteriaId": "1C384BC3-603B-4409-B473-F3213D05DB95", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8f:*:*:*:*:*:*:*", "matchCriteriaId": "C81E2733-0791-4D5E-990F-B40859EEA7C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8f2:*:*:*:*:*:*:*", "matchCriteriaId": "F1CE77D8-ADB3-4A3E-9D79-4F9739F7549A", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8f3:*:*:*:*:*:*:*", "matchCriteriaId": "50C06B4F-1DEC-4622-B060-184762418112", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8i:*:*:*:*:*:*:*", "matchCriteriaId": "19390313-1B1C-4388-AA3B-1A470416FADF", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8i2:*:*:*:*:*:*:*", "matchCriteriaId": "EB1FD0B1-DEE5-4765-9538-FBA20E8B1559", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8i3:*:*:*:*:*:*:*", "matchCriteriaId": "30495DFC-EC4F-4449-851A-3358C9BCBF69", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8k:*:*:*:*:*:*:*", "matchCriteriaId": "1C4BE37B-BA86-4B1D-A1B6-B5910F61171D", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8k2:*:*:*:*:*:*:*", "matchCriteriaId": "DAF32266-AB58-4215-B7FF-CC882835EE79", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8k3:*:*:*:*:*:*:*", "matchCriteriaId": "A437EB1A-2E12-4AAB-8817-57D17C2E21E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:netwin:surgemail:3.8m:*:*:*:*:*:*:*", "matchCriteriaId": "25C21957-FA45-4FCE-AFFE-4A0E1345CFE9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en Pila en el servicio IMAP de NetWin SurgeMail 38k4-4 y versiones anteriores, permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante argumentos largos del comando LSUB."}], "id": "CVE-2008-1497", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-03-25T19:44:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29105"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/3774"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.netwinsite.com/surgemail/help/updates.htm"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/489959/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28377"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41402"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/29105"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/3774"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-03-07"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.netwinsite.com/surgemail/help/updates.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/489959/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28377"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41402"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}