CVE-1999-1497
published 1999-12-21CVE-1999-1497: Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
PriorityP418high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.40%
69.2th percentile
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ipswitch | imail | — | — |
| ipswitch | imail | — | — |
| ipswitch | imail | — | — |
| ipswitch | imail | — | — |
| ipswitch | imail | — | — |
| ipswitch | imail | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
IPSwitch IMail Server 8.1 - Local Password Decryption Utility
exploitdb·2004-08-18
CVE-1999-1497 IPSwitch IMail Server 8.1 - Local Password Decryption Utility
IPSwitch IMail Server 8.1 - Local Password Decryption Utility
---
/*********************************************************************************
* IpSwitch IMail Server
*
* IpSwitch IMail Server uses weak encryption algorithm to encrypt its user passwords. It uses
* polyalphabetic Vegenere cipher to encrypt its user passwords. This encryption scheme is
* relatively easy to break. In order to decrypt user password we need a key. IMail uses username
* as a key to encrypt its user passwords. The server stores user passwords in the registry under the key
* "HKEY_LOCAL_MACHINE\SOFTWARE\IpSwitch\IMail\Domains\\Users\\Password".
* Before decrypting password convert all upper case characters in the username to lower case
* characters. We use username as a key to decrypt our password.
* In or
Exploit-DB
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
exploitdb·1999-12-19
CVE-1999-1497 Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
---
// source: https://www.securityfocus.com/bid/880/info
IMail keeps the encrypted passwords for email accounts in a registry key, HKLM\SOFTWARE\Ipswitch\Imail\Domains\(DomainName)\Users\(UserName), in a string value called "Password". The encryption scheme used is weak and has been broken. The following description of the mechanism used is quoted from Matt Conover's post to Bugtraq, linked to in full in the Credits section.
ENCRYPTION SCHEME Take the lowercase of the account name, split it up by letter and convert each letter to its ASCII equivalent. Next, find the difference between each letter and the first letter. Take each letter of the password, find it's ASCII equivalent and add the offset (ASCII v
No writeups or analysis indexed.
1999-12-21
Published