Ipswitch IMail 5.0.8/6.0/6.1 - IMonitor 'status.cgi' Denial of Service

Author: Ussr Labs
type: dos
platform: windows
port: 
date_added: 2000-01-05 
date_updated: 2012-07-16 
verified: 1 
codes: CVE-2000-0056;OSVDB-1190 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/914/info

IMail includes a service called IMail Monitor which is used for local and remote performance measuring and diagnostics. It includes a small webserver operating on port 8181 to support web-based monitoring. One of the cgi scripts, status.cgi, is used to determine which services are currently running and create a web pafge to report this information. Multiple simultaneous requests for status.cgi will cause the software to crash, with a Dr. Watson error of "Invalid Memory Address".

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19711-1.exe

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19711-2.zip