Winmail Server <= 4.2 Build 0824 Multiple Vulnerabilities

medium Nessus Plugin ID 20227

Synopsis

The remote webmail server is affected by directory traversal and cross-site scripting vulnerabilities.

Description

The remote host is running Winmail Server, a commercial mail server for Windows from AMAX Information Technologies.

The web interface that is used by Winmail Server for reading mail and administering the server fails to sanitize user-supplied input to various parameters and scripts. Beyond the usual cross-site scripting attacks, this can also be leveraged by an unauthenticated attacker to overwrite arbitrary files on the affected system, which could compromise the system's integrity.

Solution

Unknown at this time.

See Also

https://seclists.org/fulldisclosure/2005/Nov/588

Plugin Details

Severity: Medium

ID: 20227

File Name: winmail_42b0824.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 11/20/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:amax_information_technologies:magic_winmail_server

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 11/18/2005

Reference Information

CVE: CVE-2005-3692, CVE-2005-3811

BID: 15493

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990