Unrated severityNVD Advisory· Published Dec 31, 2001· Updated Jun 16, 2026
CVE-2001-1211
CVE-2001-1211
Description
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.
Affected products
9cpe:2.3:a:ipswitch:imail:6.1:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:ipswitch:imail:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.4:*:*:*:*:*:*:*
- (no CPE)range: <=7.0.4
Patches
Vulnerability mechanics
References
5- www.iss.net/security_center/static/7752.phpnvdVendor Advisory
- www.securityfocus.com/archive/1/247786nvdVendor Advisory
- www.securityfocus.com/bid/3766nvdVendor Advisory
- support.ipswitch.com/kb/IM-20011219-DM01.htmnvd
- support.ipswitch.com/kb/IM-20020301-DM02.htmnvd
News mentions
0No linked articles in our index yet.