Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Published: 2005-05-02
Updated: 2017-07-11
Summary
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote authenticated users to gain sensitive information via an HTTP request to (1) calendar_d.html, (2) calendar_m.html, (3) calendar_w.html, or (4) calendar_y.html, which reveal the installation path.
Vulnerable Configurations
Part | Description | Count |
Application | Icewarp | 1 |
Application | Merak | 1 |
Nessus
NASL family | CGI abuses |
NASL id | ICEWARP_WEBMAIL_VULNS3.NASL |
description | The remote host is running IceWarp Web Mail - a webmail solution available for the Microsoft Windows platform. The remote version of this software is vulnerable to multiple input validation issues that could allow an attacker to compromise the integrity of the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 16273 |
published | 2005-01-29 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/16273 |
title | IceWarp Web Mail Multiple Flaws (3) |
code | #
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(16273);
script_version("1.15");
script_cvs_date("Date: 2018/11/15 20:50:17");
script_cve_id("CVE-2005-0320", "CVE-2005-0321");
script_bugtraq_id(12396);
script_name(english:"IceWarp Web Mail Multiple Flaws (3)");
script_summary(english:"Check the version of IceWarp WebMail");
script_set_attribute(attribute:"synopsis", value:
"The remote web server is running a webmail application that is
affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote host is running IceWarp Web Mail - a webmail solution
available for the Microsoft Windows platform.
The remote version of this software is vulnerable to multiple
input validation issues that could allow an attacker to compromise the
integrity of the remote host.");
script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/388751/30/0/threaded");
script_set_attribute(attribute:"solution", value:
"Upgrade to IceWarp Web Mail 5.3.3 or newer.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value: "2005/01/29");
script_set_attribute(attribute:"vuln_publication_date", value: "2005/01/28");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:icewarp:webmail");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
script_dependencie("icewarp_webmail_vulns.nasl");
script_require_ports("Services/www", 32000);
exit(0);
}
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
port = get_http_port(default:32000);
version = get_kb_item("www/" + port + "/icewarp_webmail/version");
if ( ! version ) exit(0);
if ( ereg(pattern:"IceWarp Web Mail ([0-4]\.|5\.([0-2]\.|3\.[0-2][^0-9]))", string:version) )
security_warning(port);
|