{"api_version":"1","generated_at":"2026-04-23T14:23:26+00:00","cve":"CVE-2008-3606","urls":{"html":"https://cve.report/CVE-2008-3606","api":"https://cve.report/api/cve/CVE-2008-3606.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2008-3606","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2008-3606"},"summary":{"title":"CVE-2008-3606","description":"Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command.  NOTE: some of these details are obtained from third party information.","state":"PUBLISHED","assigner":"mitre","published_at":"2008-08-12 19:41:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.5","severity":"","vector":"AV:N/AC:L/Au:S/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://secunia.com/advisories/31442","name":"http://secunia.com/advisories/31442","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"WinGate IMAP Server Buffer Overflow Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/495264/100/0/threaded","name":"http://www.securityfocus.com/archive/1/495264/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44370","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44370","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityreason.com/securityalert/4146","name":"http://securityreason.com/securityalert/4146","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityReason - WinGate Email Server (IMAP) vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/30606","name":"http://www.securityfocus.com/bid/30606","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"],"title":"Qbik WinGate LIST Command Remote Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securitytracker.com/id?1020644","name":"http://www.securitytracker.com/id?1020644","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"WinGate IMAP Service Lets Remote Authenticated Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2008-3606","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3606","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"3.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.1","cpe7":"beta_a","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.3.0","cpe7":"beta_a","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.3.0","cpe7":"beta_b","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.4.0","cpe7":"beta_a","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.5.0","cpe7":"beta_a","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.5.0","cpe7":"beta_b","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.5.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"4.5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.0.1.766","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"5.2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0.0.984","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0.1.993","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0.1.995","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0.2.1000","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0.2.1001","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0.3.1005","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.0.4.1025","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.1.1.1077","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.1.2.1094","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.1.3.1096","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"6.2.2.1137","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2008","cve_id":"3606","vulnerable":"1","versionEndIncluding":"6.2.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"qbik","cpe5":"wingate","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T09:45:18.943Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"30606","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/30606"},{"name":"1020644","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1020644"},{"name":"31442","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/31442"},{"name":"4146","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/4146"},{"name":"20080808 [AJECT] WinGate Email Server (IMAP) vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/495264/100/0/threaded"},{"name":"wingate-imapserver-bo(44370)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-08-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command.  NOTE: some of these details are obtained from third party information."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-11T19:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"30606","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/30606"},{"name":"1020644","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1020644"},{"name":"31442","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/31442"},{"name":"4146","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/4146"},{"name":"20080808 [AJECT] WinGate Email Server (IMAP) vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/495264/100/0/threaded"},{"name":"wingate-imapserver-bo(44370)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2008-3606","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command.  NOTE: some of these details are obtained from third party information."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"30606","refsource":"BID","url":"http://www.securityfocus.com/bid/30606"},{"name":"1020644","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1020644"},{"name":"31442","refsource":"SECUNIA","url":"http://secunia.com/advisories/31442"},{"name":"4146","refsource":"SREASON","url":"http://securityreason.com/securityalert/4146"},{"name":"20080808 [AJECT] WinGate Email Server (IMAP) vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/495264/100/0/threaded"},{"name":"wingate-imapserver-bo(44370)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2008-3606","datePublished":"2008-08-12T19:00:00.000Z","dateReserved":"2008-08-12T00:00:00.000Z","dateUpdated":"2024-08-07T09:45:18.943Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2008-08-12 19:41:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:*:*:*:*:*:*:*:*","versionEndIncluding":"6.2.2","matchCriteriaId":"D592FD10-CC88-46CD-A726-EEC5191DE725"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:2.0:*:*:*:*:*:*:*","matchCriteriaId":"7B534B6E-B856-4E7F-A8E0-582637EE6B30"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:2.1:*:*:*:*:*:*:*","matchCriteriaId":"FA8E8CEE-E78A-46D5-B73D-C75CC8D088B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:3.0:*:*:*:*:*:*:*","matchCriteriaId":"4C7BC4C8-FB7B-4A88-B97B-984D9AA8EA1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:3.0.5:*:*:*:*:*:*:*","matchCriteriaId":"87714896-157D-4343-A94F-C8CCAD285EEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.0.1:*:*:*:*:*:*:*","matchCriteriaId":"0C1D98E1-EBE1-4697-906F-E29C91D9074D"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.1:beta_a:*:*:*:*:*:*","matchCriteriaId":"077D0405-5288-40A6-81A8-A8C4D924723D"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.1.0:*:*:*:*:*:*:*","matchCriteriaId":"FE28B657-21EE-4F2E-8D1F-34D4E2642BE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.1.1:*:*:*:*:*:*:*","matchCriteriaId":"EDB73A60-062E-4A0B-B600-E1B4D613FE28"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"0F0BB2B5-9E9A-42FC-87A4-0BAD1F39C9FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.3.0:*:*:*:*:*:*:*","matchCriteriaId":"AA75B20B-3510-4CF9-A74B-BA21D5527EE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.3.0:beta_a:*:*:*:*:*:*","matchCriteriaId":"F54C4B69-397F-4322-A1AD-11AF2C7F5F67"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.3.0:beta_b:*:*:*:*:*:*","matchCriteriaId":"076063FF-B1D2-471D-ACDD-0AF3BA328069"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.4.0:*:*:*:*:*:*:*","matchCriteriaId":"B5B1AE22-2A99-4F4B-AAF6-6CBF35FEAEE7"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.4.0:beta_a:*:*:*:*:*:*","matchCriteriaId":"57726A67-AFC8-44E0-88D7-CA1C1DFA7C81"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.4.1:*:*:*:*:*:*:*","matchCriteriaId":"49897B9F-9A10-4034-B617-1B82405FB1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.4.2:*:*:*:*:*:*:*","matchCriteriaId":"0D8109BA-2FFF-4642-AD15-FA11CD3088AA"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.5.0:beta_a:*:*:*:*:*:*","matchCriteriaId":"E56752EB-E1F5-4132-B769-33633E1B67FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.5.0:beta_b:*:*:*:*:*:*","matchCriteriaId":"49465E28-E5CD-4533-8A01-8BBE868F2AD3"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.5.1:*:*:*:*:*:*:*","matchCriteriaId":"59FE243C-16F2-4C6D-BF88-FFB6CD0F29BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:4.5.2:*:*:*:*:*:*:*","matchCriteriaId":"AE5A4F3B-B855-4980-93D9-347A49E68EE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.0:*:*:*:*:*:*:*","matchCriteriaId":"0AFAF415-0182-4F5C-A053-266AB919572F"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"10D7B35B-3531-4372-A338-AD8106799769"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.0.1:*:*:*:*:*:*:*","matchCriteriaId":"3712DA96-DD76-49E3-BA79-30105725DBD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.0.1.766:*:*:*:*:*:*:*","matchCriteriaId":"F912B8D6-B915-43A7-8462-F521D44DBD1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.0.5:*:*:*:*:*:*:*","matchCriteriaId":"40A0AE5B-B449-4494-828E-2FD7414F6FD1"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.1:*:*:*:*:*:*:*","matchCriteriaId":"109DF494-0194-473B-AF79-185D41202A8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.2:*:*:*:*:*:*:*","matchCriteriaId":"39B77B55-54BB-43D5-A0E9-13F20F7544F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"36B7A6B3-8C54-4743-8C42-6B22E9AD719B"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"E328107F-F19D-427D-A88A-17DCB58A459C"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E3F0670C-C07E-4A84-952B-88200D2D9B14"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0.0.984:*:*:*:*:*:*:*","matchCriteriaId":"E8E6305C-F87B-4DF1-94D7-A0C63EE11E7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0.1.993:*:*:*:*:*:*:*","matchCriteriaId":"8EE5BB2B-F9CB-4CDA-9CC9-C6EF5A1FF59F"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0.1.995:*:*:*:*:*:*:*","matchCriteriaId":"A480A0D4-D675-4078-8F30-CD3772818303"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0.2.1000:*:*:*:*:*:*:*","matchCriteriaId":"F9B03DEA-B780-404E-B940-82A7086062C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0.2.1001:*:*:*:*:*:*:*","matchCriteriaId":"B5CA5961-6BAC-4BE8-95A4-DBEB0596262E"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0.3.1005:*:*:*:*:*:*:*","matchCriteriaId":"ED850FD8-151C-49E7-9DF4-16B88341269B"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.0.4.1025:*:*:*:*:*:*:*","matchCriteriaId":"A406438F-7E92-4579-A32B-3E3E1C4FF8E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.1.1.1077:*:*:*:*:*:*:*","matchCriteriaId":"9FDF759C-0AAE-4760-B829-13F055AD290C"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.1.2.1094:*:*:*:*:*:*:*","matchCriteriaId":"982DE691-B50E-49B2-B4DF-EC518DFFCE75"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.1.3.1096:*:*:*:*:*:*:*","matchCriteriaId":"7F8EFCA3-2453-4272-9692-22598676DFC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.1.4:*:*:*:*:*:*:*","matchCriteriaId":"1F5F3CDE-1931-4BD9-9ABD-F07543DAC113"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.2.1:*:*:*:*:*:*:*","matchCriteriaId":"3C1E8C06-4E84-4FB8-A513-D8ACC1146BEF"},{"vulnerable":true,"criteria":"cpe:2.3:a:qbik:wingate:6.2.2.1137:*:*:*:*:*:*:*","matchCriteriaId":"0C45F717-AC74-4F81-947B-0745A7F1883F"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2008","CveId":"3606","Ordinal":"1","Title":"CVE-2008-3606","CVE":"CVE-2008-3606","Year":"2008"},"notes":[{"CveYear":"2008","CveId":"3606","Ordinal":"1","NoteData":"Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command.  NOTE: some of these details are obtained from third party information.","Type":"Description","Title":"CVE-2008-3606"},{"CveYear":"2008","CveId":"3606","Ordinal":"2","NoteData":"2008-08-12","Type":"Other","Title":"Published"},{"CveYear":"2008","CveId":"3606","Ordinal":"3","NoteData":"2018-10-11","Type":"Other","Title":"Modified"}]}}}