[VulnWatch] Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Traversal)

From: SecurITeam BugTraq Monitoring (bugtraqsecuriteam.com)
Date: Mon Jun 16 2003 - 04:31:27 CDT


Summary:
Mailtraq is a "comprehensive e-mail SMTP/POP3 and proxy server, with a powerful
mailing list server". The product suffered from multiple vulnerabilities that
range from access to files that reside outside the bounding HTML root directory
(through denying access to the server by causing the server to utilize a high CPU
percentage) through decryption of locally stored password, to a cross site
scripting vulnerability in the web mail interface.

Vulnerable version:
 * Mailtraq version 2.1.0.1302

Immune version:
 * Mailtraq version 2.3.2.1419

For the complete advisory see:
http://www.securiteam.com/windowsntfocus/5HP0G1FAAC.html

Thanks
SecurITeam
http://www.SecurITeam.com
http://www.BeyondSecurity.com