Detections
Analytics
IceWarp Web Mail < 5.3.0 Multiple Vulnerabilities
high Nessus Network Monitor Plugin ID 2365
Synopsis
The remote host is vulnerable to multiple attack vectors.Description
The remote host is running IceWarp Web Mail, a webmail solution available for the Microsoft Windows platform.The remote version of this software is vulnerable to multiple input validation issues that may allow an attacker to compromise the integrity of the remote host.
Solution
Upgrade to IceWarp Web Mail 5.3.0 or higher.See Also
http://www.nessus.org/u?fc61aa25
http://www.securityfocus.com/archive/1/380446/30/0/threaded
http://archives.neohapsis.com/archives/bugtraq/2004-09/0087.html
Plugin Details
Severity: High
ID: 2365
Family: Web Servers
Published: 10/13/2004
Updated: 3/6/2019
Nessus ID: 15469
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: High
Base Score: 7.3
Temporal Score: 7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:icewarp:web_mail
Reference Information
CVE: CVE-2004-1669, CVE-2004-1670, CVE-2004-1671, CVE-2004-1672, CVE-2004-1673, CVE-2004-1674
BID: 11371