| Field | Value |
|---|---|
| VID | 21840 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |

Detailed Description

NeoMail is an open-source webmail application written in Perl. NeoMail version 1.28 and earlier versions are affected by a security-bypass vulnerability in the neomail-prefs.pl script. When NeoMail is configured with homedirfolders and homedirspools disabled, the script does not properly validate the 'sessionid' parameter, which could allow a remote attacker to bypass security restrictions. A remote attacker could exploit this vulnerability to create or delete arbitrary mail-folder files in any directory writable by the mail group. Successful exploitation requires that NeoMail is configured with $homedirfolders = 'no' and $homedirspools = 'no'.

* References:
  * http://secunia.com/secunia_research/2006-3/advisory/
  * http://sourceforge.net/project/shownotes.php?release_id=392562&group_id=2874
  * http://secunia.com/advisories/18785/
  * http://www.frsirt.com/english/advisories/2006/0564
* Platforms Affected:
  * NeoCode Solutions, Inc., NeoMail version 1.28 and earlier versions
  * Unix, any version
  * Linux, any version

Recommendation

Upgrade to the latest version of NeoMail (1.29 or later), available from the NeoMail Web site at http://neocodesolutions.com/software/neomail/

| Related URL | Source |
|---|---|
| CVE-2006-0711 | CVE |
| 16651 | SecurityFocus |
| 24737 | ISS |