CVE-2001-1287

Ipswitch IMail <= 7.04 - Remote Code Execution via Long HTTP GET Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1287. PoCs published by Andrew Griffiths.

AI-analyzed exploit summary This exploit demonstrates a timing attack to infer the existence of inaccessible files by measuring the time difference in error responses when attempting to open existent vs. non-existent files. It uses the `open()` system call with specific flags to exploit a weakness in file access timing.

Description

Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Andrew Griffiths · clocallinux
https://www.exploit-db.com/exploits/22458

This exploit demonstrates a timing attack to infer the existence of inaccessible files by measuring the time difference in error responses when attempting to open existent vs. non-existent files. It uses the `open()` system call with specific flags to exploit a weakness in file access timing.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Unix-like systems with vulnerable file access timing (CVE-2001-1287)
No auth needed
Prerequisites: Access to a vulnerable Unix-like system · Ability to execute arbitrary code on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-10/0083.html
Various Sources x_refsource_misc
http://www.ipswitch.com/Support/IMail/news.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3431

Scores

EPSS 0.0991
EPSS Percentile 95.0%

Details

Status published
Products (3)
ipswitch/imail 6.0.2
ipswitch/imail 6.0.6
ipswitch/imail 7.0.4
Published Oct 12, 2001
Tracked Since Feb 18, 2026