CVE-2007-0887

axigen <2.0.0b1 - DoS

Title source: llm

Description

axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · cdoslinux

https://www.exploit-db.com/exploits/3290

View Code ZIP pw:eip

References (6)

[Broken Link] http://osvdb.org/33165

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3290

[Third Party Advisory] http://marc.info/?l=full-disclosure&m=117094708423302&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/32345

[Permissions Required] http://secunia.com/advisories/24073

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/22473

Scores

EPSS 0.1403

EPSS Percentile 94.4%

Details

CWE

CWE-476

Status published

Products (2)

gecad_technologies/axigen_mail_server 1.2.6

gecad_technologies/axigen_mail_server 2.0.0b1

Published Feb 12, 2007

Tracked Since Feb 18, 2026