Vulnerabilities > CVE-2007-0651 - Unspecified vulnerability in Mailenable Professional

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mailenable

nessus

NVD

Published: 2007-02-15

Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/.

Vulnerable Configurations

Part	Description	Count
Application	Mailenable Mailenable Mailenable Professional 1.107 Mailenable Mailenable Professional 1.14 Mailenable Mailenable Professional 2.33 Mailenable Mailenable Professional 1.101 Mailenable Mailenable Professional 1.52 Mailenable Mailenable Professional 1.15 Mailenable Mailenable Professional 1.115 Mailenable Mailenable Professional 1.17 Mailenable Mailenable Professional 1.106 Mailenable Mailenable Professional 1.0.007 Mailenable Mailenable Professional 1.111 Mailenable Mailenable Professional 1.108 Mailenable Mailenable Professional 1.18 Mailenable Mailenable Professional 1.7 Mailenable Mailenable Professional 1.116 Mailenable Mailenable Professional 1.5 Mailenable Mailenable Professional 1.114 Mailenable Mailenable Professional 1.72 Mailenable Mailenable Professional 1.0.016 Mailenable Mailenable Professional 1.83 Mailenable Mailenable Professional 1.0.011 Mailenable Mailenable Professional 1.103 Mailenable Mailenable Professional 1.102 Mailenable Mailenable Professional 1.0.006 Mailenable Mailenable Professional 1.0.008 Mailenable Mailenable Professional 1.0.005 Mailenable Mailenable Professional 1.19 Mailenable Mailenable Professional 1.0.004 Mailenable Mailenable Professional 1.82 Mailenable Mailenable Professional 1.0.014 Mailenable Mailenable Professional 1.0.010 Mailenable Mailenable Professional 2.0 Mailenable Mailenable Professional 1.2A Mailenable Mailenable Professional 2.35 Mailenable Mailenable Professional 1.0.012 Mailenable Mailenable Professional 1.109 Mailenable Mailenable Professional 1.51 Mailenable Mailenable Professional 1.0.017 Mailenable Mailenable Professional 2.34 Mailenable Mailenable Professional 1.113 Mailenable Mailenable Professional 2.32 Mailenable Mailenable Professional 1.54 Mailenable Mailenable Professional 1.16 Mailenable Mailenable Professional 1.105 Mailenable Mailenable Professional 1.2 Mailenable Mailenable Professional 1.0.013 Mailenable Mailenable Professional 1.12 Mailenable Mailenable Professional 1.0.015 Mailenable Mailenable Professional 1.13 Mailenable Mailenable Professional 2.2 Mailenable Mailenable Professional 1.104 Mailenable Mailenable Professional 1.110 Mailenable Mailenable Professional 1.84 Mailenable Mailenable Professional 1.112 Mailenable Mailenable Professional 1.53 Mailenable Mailenable Professional 2.351 Mailenable Mailenable Professional 2.1 Mailenable Mailenable Professional 1.6 Mailenable Mailenable Professional 1.0.009 Mailenable Mailenable Professional 1.73 Mailenable Mailenable Professional 1.1	61

Nessus

NASL family	CGI abuses
NASL id	MAILENABLE_WEBMAIL_XSS.NASL
description	The Web Mail Client bundled with the version of MailEnable installed on the remote host reportedly fails to properly sanitize email messages and various script parameters of malicious script code, which can lead to cross-site scripting, cross-site request forgery, and script insertion attacks against the affected software.
last seen	2020-06-01
modified	2020-06-02
plugin id	24345
published	2007-02-15
reporter	This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24345
title	MailEnable Web Mail Client Multiple Vulnerabilities (XSS, CSRF)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(24345); script_version("1.17"); script_cvs_date("Date: 2018/11/15 20:50:17"); script_cve_id("CVE-2007-0651", "CVE-2007-0652"); script_bugtraq_id(22554); script_name(english:"MailEnable Web Mail Client Multiple Vulnerabilities (XSS, CSRF)"); script_summary(english:"Checks version of MailEnable"); script_set_attribute(attribute:"synopsis", value: "The remote webmail service is affected by multiple issues." ); script_set_attribute(attribute:"description", value: "The Web Mail Client bundled with the version of MailEnable installed on the remote host reportedly fails to properly sanitize email messages and various script parameters of malicious script code, which can lead to cross-site scripting, cross-site request forgery, and script insertion attacks against the affected software." ); script_set_attribute(attribute:"see_also", value:"https://secuniaresearch.flexerasoftware.com/secunia_research/2007-38/advisory/" ); script_set_attribute(attribute:"see_also", value:"http://www.mailenable.com/Professional20-ReleaseNotes.txt" ); script_set_attribute(attribute:"see_also", value:"http://www.mailenable.com/Enterprise20-ReleaseNotes.txt" ); script_set_attribute(attribute:"solution", value: "Upgrade to MailEnable Professional Edition 1.85 / 2.37 or Enterprise 1.42 / 2.37 or later as they are rumoured to address the issues." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/15"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/02/14"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:mailenable:mailenable"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_dependencies("mailenable_detect.nasl"); script_require_keys("SMB/MailEnable/Installed"); script_require_ports(139, 445); exit(0); } if (!get_kb_item("SMB/MailEnable/Installed")) exit(0); if (get_kb_item("SMB/MailEnable/Standard")) prod = "Standard"; if (get_kb_item("SMB/MailEnable/Professional")) prod = "Professional"; else if (get_kb_item("SMB/MailEnable/Enterprise")) prod = "Enterprise"; # Check version of MailEnable. if (prod == "Professional" \|\| prod == "Enterprise") { kb_base = "SMB/MailEnable/" + prod; ver = get_kb_item(kb_base+"/Version"); if (isnull(ver)) exit(0); if ( # 1.0-1.84 Professional Edition # 2.0-2.36 Professional Edition (prod == "Professional" && ver =~ "^(1\.([0-7]($\|[0-9.])\|8$\|8[0-4])\|2\.([0-2]($\|[0-9.])\|3($\|[0-6])))") \|\| # 1.0-1.41 Enterprise Edition # 2.0-2.36 Enterprise Edition (prod == "Enterprise" && ver =~ "^(1\.([0-3]($\|[0-9].)\|4$\|4[01])\|2\.([0-2]($\|[0-9.])\|3($\|[0-6])))") ) { security_warning(get_kb_item("SMB/transport")); set_kb_item(name: 'www/0/XSS', value: TRUE); } }

Summary

Vulnerable Configurations

Nessus

References