CVE-1999-1170

IPswitch IMail - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1170.

AI-analyzed exploit summary This is a technical description of a privilege escalation vulnerability in Imail and WS_FTP Server, where modifying a registry value grants administrative privileges. It details the specific registry key and value to exploit but does not include functional exploit code.

Description

IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.

Exploits (1)

exploitdb WRITEUP

localwindows

https://www.exploit-db.com/exploits/19167

View Code ZIP pw:eip

This is a technical description of a privilege escalation vulnerability in Imail and WS_FTP Server, where modifying a registry value grants administrative privileges. It details the specific registry key and value to exploit but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Ipswitch Imail and WS_FTP Server

Auth required

Prerequisites: Local access to the system · Ability to modify registry values

MITRE ATT&CK

T1112 - Modify Registry

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List mailing-list x_refsource_ntbugtraq

http://marc.info/?l=ntbugtraq&m=91816507920544&w=2

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/218

Scores

EPSS 0.0368

EPSS Percentile 88.2%

Details

Status published

Products (3)

ipswitch/imail 5.0

progress/ws_ftp_server 1.0.1.e

progress/ws_ftp_server 1.0.2.e

Published Jan 02, 1999

Tracked Since Feb 18, 2026