VID | 21729
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
A version of IceWarp Web Mail that is version 5.3.3 or older was detected on the host. IceWarp Web Mail is a web mail server for Microsoft Windows platforms. Merak Mail Server version 8.2.4r with IceWarp Web Mail version 5.5.1, and possibly other versions, is affected by multiple vulnerabilities, including directory traversal, cross-site scripting, arbitrary file deletion, and path disclosure, as follows:
1) Directory traversal vulnerability via the helpid parameter of the help.html script: by viewing the user.dat or users.dat files, a remote unauthenticated attacker could obtain sensitive information, including user names and passwords.
2) Multiple cross-site scripting vulnerabilities in the blank.html, calendar_d.html, calendar_m.html, and calendar_w.html scripts.
3) Physical path disclosure vulnerability in the bw_list.inc script.
4) Arbitrary file deletion vulnerability via the id parameter of the logout.html script.
* References: http://archives.neohapsis.com/archives/bugtraq/2005-09/0345.html
* Platforms Affected: IceWarp Software, IceWarp Web Mail 5.5.1 and possibly other versions; Merak Mail Server, Inc., Merak Mail Server 8.2.4r and possibly other versions; Microsoft Windows, any version |
Recommendation |
No upgrade or patch available as of October 2005.
Upgrade to a version of Merak Mail Server later than 8.2.4r with IceWarp Web Mail 5.5.1 when a fixed version becomes available from the Merak Mail Server web site at http://www.merakmailserver.com/Products/Merak_Mail_Server/ |
Related URL | CVE-2005-3131, CVE-2005-3132, CVE-2005-3133 (CVE)
Related URL | 14988, 14986, 14980 (SecurityFocus)
Related URL | 22483, 22484, 22485 (ISS)