CVE-1999-1497

Ipswitch IMail <6.0 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-1497. PoCs published by Adik, Mike Davis.

AI-analyzed exploit summary This exploit decrypts user passwords stored in the registry by IpSwitch IMail Server <= 8.1 using a weak polyalphabetic Vigenère cipher. It leverages the username as the decryption key to reverse the password hash.

Description

Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Adik · clocalwindows

https://www.exploit-db.com/exploits/401

View Code ZIP pw:eip

This exploit decrypts user passwords stored in the registry by IpSwitch IMail Server <= 8.1 using a weak polyalphabetic Vigenère cipher. It leverages the username as the decryption key to reverse the password hash.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: IpSwitch IMail Server <= 8.1

No auth needed

Prerequisites: Access to the target system's registry · Knowledge of the username and password hash

MITRE ATT&CK

T1552.002 - Credentials in Registry

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Mike Davis · clocalwindows

https://www.exploit-db.com/exploits/19683

View Code ZIP pw:eip

This exploit decrypts weakly encrypted IMail passwords stored in the Windows registry by reversing a custom encryption scheme. It takes an account name and encrypted password as input and outputs the plaintext password.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Ipswitch IMail (versions prior to 6.01, unconfirmed)

No auth needed

Prerequisites: Access to the Windows registry key containing the encrypted password · Knowledge of the account name associated with the password

MITRE ATT&CK

T1552.002 - Credentials in Registry

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/39329

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/880

Scores

EPSS 0.0140

EPSS Percentile 69.1%

Details

Status published

Products (6)

ipswitch/imail 5.0

ipswitch/imail 5.0.5

ipswitch/imail 5.0.6

ipswitch/imail 5.0.7

ipswitch/imail 5.0.8

ipswitch/imail 6.0

Published Dec 21, 1999

Tracked Since Feb 18, 2026