cbcvebase.
CVE-1999-1551
published 1999-03-02

CVE-1999-1551: Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.

PriorityP429medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
71.79%
99.3th percentile
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.

Affected

2 ranges
VendorProductVersion rangeFixed in
ipswitchimail
ipswitchimail

Detection & IOCsextracted from sources · hover to see the quote

port8383
commandGET /glob1/
  • Detect abnormally long HTTP GET requests (≥3000 characters) sent to port 8383, indicative of the IMail web service buffer overflow exploit attempt.
  • Monitor for connections to TCP port 8383 followed by oversized GET requests, which is the attack vector for crashing the IMail web server.
  • ·The buffer overflow is triggered via the IMail web service (not SMTP/POP3); ensure port 8383 is specifically monitored or blocked at the perimeter if IMail web service is not required.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.