J-Security Center

Title: Ipswitch IMail Server Weak Password Encryption Weakness

Severity: MODERATE

Description:

Ipswitch IMail is an e-mail server that serves clients their mail via a web interface. It runs on Microsoft Windows operating systems.

Ipswitch IMail is reported to use a weak encryption algorithm when obfuscating saved passwords. A local attacker who has the ability to read the encrypted passwords from the system registry may easily derive the plaintext password if the username that is associated with the password is known.

This is because Ipswitch IMail uses a variation of the Vigenère cipher, which is a simple polyalphabetic substitution cipher. The key used to obscure the password is the username that is associated with the password.

By subtracting the hexadecimal values that correspond to the ASCII codes of the username from the hexadecimal values that represent the ASCII codes of the password hash, an attacker may derive the plaintext password.

A local attacker may exploit this weakness to disclose user credentials.
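
The following is an added example, not Ipswitch code and not part of the original advisory. It models the kind of username-keyed scheme described above to show that it is reversible by anyone who knows the username, and contrasts it with salted one-way storage. The hex encoding, byte-wise addition modulo 256, key repetition, function names and sample account are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 600_000  # assumed work factor for the hardened variant


def obfuscate(username: str, password: str) -> str:
    """Toy model of the weak scheme: add repeating username bytes to the password."""
    key = username.encode("ascii")
    data = password.encode("ascii")
    mixed = bytes((p + key[i % len(key)]) % 256 for i, p in enumerate(data))
    return mixed.hex().upper()


def deobfuscate(username: str, stored_hex: str) -> str:
    """Inverse of obfuscate(): the only 'secret' needed is the public username."""
    key = username.encode("ascii")
    data = bytes.fromhex(stored_hex)
    plain = bytes((c - key[i % len(key)]) % 256 for i, c in enumerate(data))
    return plain.decode("ascii")


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Hardened storage: random per-user salt plus a slow one-way function."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute the digest and compare in constant time; nothing is decrypted."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Constructed sample account, not taken from any real system.
    user, secret = "alice", "Secret1"
    stored = obfuscate(user, secret)
    print("weak stored value :", stored)
    print("recovered         :", deobfuscate(user, stored))
    salt, digest = hash_password(secret)
    print("hardened record   :", salt.hex(), digest.hex())
    print("verifies          :", verify_password(secret, salt, digest))
```

A stored value produced by the first scheme offers no protection once it can be read, whereas the hardened record can only be checked against a candidate password, never reversed.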

Affected Products:

  • Ipswitch IMail 5.0.0
  • Ipswitch IMail 5.0.5
  • Ipswitch IMail 5.0.6
  • Ipswitch IMail 5.0.7
  • Ipswitch IMail 5.0.8
  • Ipswitch IMail 6.0.0
  • Ipswitch IMail 6.0.1
  • Ipswitch IMail 6.0.2
  • Ipswitch IMail 6.0.3
  • Ipswitch IMail 6.0.4
  • Ipswitch IMail 6.0.5
  • Ipswitch IMail 6.0.6
  • Ipswitch IMail 6.1.0
  • Ipswitch IMail 6.2.0
  • Ipswitch IMail 6.3.0
  • Ipswitch IMail 6.4.0
  • Ipswitch IMail 7.0.1
  • Ipswitch IMail 7.0.2
  • Ipswitch IMail 7.0.3
  • Ipswitch IMail 7.0.4
  • Ipswitch IMail 7.0.5
  • Ipswitch IMail 7.0.6
  • Ipswitch IMail 7.0.7
  • Ipswitch IMail 7.1.0
  • Ipswitch IMail 7.12.0
  • Ipswitch IMail 8.0.3
  • Ipswitch IMail 8.0.5
  • Ipswitch IMail 8.1.0
  • Microsoft Windows NT 4.0
