CVE-2005-1255

Ipswitch IMail < 8.2 Hotfix 2 - Remote Code Execution via IMAP LOGIN Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-1255. PoCs published by Heretic2, kingcope, nolimit.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Ipswitch IMAIL Server IMAPD versions 7.13 to 8.20. It overwrites EIP to execute shellcode, providing either a bind shell or a connect-back shell, and includes multiple target configurations for different Windows versions.

Description

Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Heretic2 · cremotewindows
https://www.exploit-db.com/exploits/3627

This exploit targets a buffer overflow vulnerability in Ipswitch IMAIL Server IMAPD versions 7.13 to 8.20. It overwrites EIP to execute shellcode, providing either a bind shell or a connect-back shell, and includes multiple target configurations for different Windows versions.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Ipswitch IMAIL Server IMAPD 7.13 - 8.20
No auth needed
Prerequisites: Network access to the target IMAP service · Knowledge of the target OS and IMAIL version
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by kingcope · perlremotelinux
https://www.exploit-db.com/exploits/1124

This exploit targets a buffer overflow vulnerability in IpSwitch IMAIL Server IMAPD, allowing remote code execution via a crafted LOGIN command. The shellcode is encoded and includes a reverse shell payload.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: IpSwitch IMAIL Server IMAPD versions 7.04 to 8.15
No auth needed
Prerequisites: Network access to the target IMAP service (port 143) · Knowledge of the target version for correct offset selection
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by nolimit · cremotewindows
https://www.exploit-db.com/exploits/1035

This exploit targets a stack overflow vulnerability in IpSwitch IMAP Server (CVE-2005-1255) to achieve remote code execution via a reverse shell payload. It uses alpha-numeric shellcode encoding to bypass basic stack protections and includes offsets for various Windows versions.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: IpSwitch IMAP Server (versions affected by CVE-2005-1255)
No auth needed
Prerequisites: Network access to the target IMAP server · Knowledge of the target's Windows version for offset selection
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/13727
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1014047
Vendor Advisory third-party-advisory x_refsource_idefense
http://www.idefense.com/application/poi/display?id=243&type=vulnerabilities

Scores

EPSS 0.4281
EPSS Percentile 98.5%

Details

Status published
Products (4)
ipswitch/imail 8.12
ipswitch/imail 8.13
ipswitch/imail_server < 8.2_hotfix_2
ipswitch/ipswitch_collaboration_suite
Published May 25, 2005
Tracked Since Feb 18, 2026