[VulnWatch] Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Traversal)
From: SecurITeam BugTraq Monitoring (bugtraq_at_securiteam.com)
Date: 06/16/03
- Previous message: SecurITeam BugTraq Monitoring: "Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Traversal)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <vulnwatch@vulnwatch.org> Date: Mon, 16 Jun 2003 11:31:27 +0200
Summary:
Mailtraq is a "comprehensive e-mail SMTP/POP3 and proxy server, with a powerful
mailing list server". The product suffeed from multiple vulnerabilities that
range from access to files that reside outside the bounding HTML root directory
(through dnying access to the server by causing the server to utilize a high CPU
percentage) through decryption of locally stored password, to a cross site
scripting vulnerability in the web mail interface.
Vulnerable version:
* Mailtraq version 2.1.0.1302
Immune version:
* Mailtraq version 2.3.2.1419
For the complete advisory see:
http://www.securiteam.com/windowsntfocus/5HP0G1FAAC.html
Thanks
SecurITeam
http://www.SecurITeam.com
http://www.BeyondSecurity.com
- Previous message: SecurITeam BugTraq Monitoring: "Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Traversal)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- Re: Web Server Botnets and Server Farms as Attack Platforms
... Web Server Botnets and Server Farms as Attack ... We discuss how these attacks
work using file inclusion ... vulnerabilities and PHP shells. ... place platform
by platform, ... (Bugtraq) - Re: [Full-disclosure] Web Server Botnets and Server Farms as Attack Platforms
... Web Server Botnets and Server Farms as Attack ... We discuss how these attacks
work using file inclusion ... vulnerabilities and PHP shells. ... place platform
by platform, ... (Full-Disclosure) - Re: [Full-disclosure] Web Server Botnets and Server Farms as Attack Platforms
... >an article on cross platform web server malware and their massive use as ...
>We discuss how these attacks work using file inclusion ... >vulnerabilities
and PHP shells. ... >place platform by platform, ... (Full-Disclosure) - [Full-Disclosure] Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Tr
... Mailtraq is a "comprehensive e-mail SMTP/POP3 and proxy server, ... The
product suffeed from multiple vulnerabilities that ... (Securiteam) - [Full-Disclosure] Multiple Vulnerabilities Found in Mailtraq (DoS, Password Decryption, Directory Tr
... Mailtraq is a "comprehensive e-mail SMTP/POP3 and proxy server, ... The
product suffeed from multiple vulnerabilities that ... (Full-Disclosure)
