Woppoware PostMaster <= 4.2.2 Multiple Vulnerabilities

medium Nessus Plugin ID 18246

Synopsis

The remote webmail service is affected by multiple flaws.

Description

According to its banner, the version of Woppoware Postmaster on the remote host suffers from multiple vulnerabilities:

- An Authentication Bypass Vulnerability: An attacker can bypass authentication by supplying an account name to the 'email' parameter of the 'message.htm' page. The attacker can then read existing messages, compose new messages, etc., as the specified user.

- Information Disclosure Vulnerabilities: The application responds with different messages depending on whether an entered username is valid. It also fails to sanitize the 'wmm' parameter used in 'message.htm', which could be exploited to conduct directory traversal attacks and retrieve arbitrary files from the remote host.

- A Cross-Site Scripting Vulnerability: The 'email' parameter of the 'message.htm' page is not sanitized of malicious input before use.
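To review web logs from a host running the webmail service, the following added example (not part of the Nessus plugin or of Woppoware's code) flags requests to 'message.htm' whose 'wmm' value contains a parent-directory segment or whose 'email' value carries markup characters. The Common Log Format, the sample lines, and the names `flag_request` and `scan` are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines; Common Log Format is an assumption about the server.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/May/2005:10:00:01 +0000] "GET /message.htm?wmm=inbox HTTP/1.0" 200 512',
    '192.0.2.11 - - [12/May/2005:10:00:05 +0000] "GET /message.htm?wmm=..%2f..%2fexample.txt HTTP/1.0" 200 2048',
    '192.0.2.12 - - [12/May/2005:10:00:09 +0000] "GET /message.htm?email=%3Cscript%3Ex%3C%2Fscript%3E HTTP/1.0" 200 700',
    '192.0.2.13 - - [12/May/2005:10:00:12 +0000] "GET /index.htm?wmm=..%2f HTTP/1.0" 404 0',
]

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decode(value):
    """Undo repeated percent-encoding (bounded) so %252e%252e is seen as '..'."""
    for _ in range(3):
        nxt = unquote(value)
        if nxt == value:
            break
        value = nxt
    return value

def flag_request(target):
    """Return the findings for one request target (path plus query string)."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith('/message.htm'):
        return []
    params = parse_qs(parts.query, keep_blank_values=True)
    findings = []
    for raw in params.get('wmm', []):
        segments = decode(raw).replace('\\', '/').split('/')
        if '..' in segments:                      # parent-directory segment
            findings.append('wmm-traversal')
    for raw in params.get('email', []):
        if re.search(r'[<>"\']', decode(raw)):    # markup in an address field
            findings.append('email-markup')
    return findings

def scan(lines):
    """Return (client, findings) for every log line that raises a finding."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if m and (found := flag_request(m.group(2))):
            hits.append((m.group(1), found))
    return hits

if __name__ == '__main__':
    for client, found in scan(SAMPLE_LOG):
        print(client, ', '.join(found))
```

The authentication bypass leaves no malformed value to match on, so requests that name an account in 'email' still need to be correlated with login activity by hand.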

Solution

Reconfigure Woppoware Postmaster, disabling the webmail service.

See Also

http://packetstormsecurity.nl/0505-exploits/postmaster.txt

Plugin Details

Severity: Medium

ID: 18246

File Name: woppoware_postmaster_422.nasl

Version: 1.18

Type: remote

Family: CGI abuses

Published: 5/12/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Ease: No exploit is required

Reference Information

CVE: CVE-2005-1650, CVE-2005-1651, CVE-2005-1652, CVE-2005-1653

BID: 13597

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990