 ArGoSoft Mail Server Input Validation Holes Allow Remote Authenticated Users to Upload/Download Files and Create/Delete Directories
Category: Vulnerability
Posted: 2005-02-11 by ReCall
Views: 327
 Details
Description: Tan Chew Keong of SIG^2 Vulnerability Research reported several vulnerabilities in ArGoSoft Mail Server. A remote authenticated user can upload files to arbitrary locations, download arbitrary files (including other users' email), and create or delete arbitrary directories on the target system.

The webmail software does not properly validate user-supplied filenames for e-mail attachments. A remote authenticated user can specify a specially crafted filename to upload a file to an arbitrary location on the target system. This can be exploited, for example, to overwrite a target user's 'userdata.rec' password file.

A remote authenticated user can upload a specially crafted '_msgatt.rec' file containing directory traversal characters to cause the server to send arbitrary files on the server to the target user as an attachment. This can be exploited, for example, to obtain a target user's password file.

The 'Folder' parameter of the '/msg' and '/delete' requests is not properly validated. A remote authenticated user can view or delete a target user's e-mail by supplying directory traversal characters in this parameter together with the correct UIDL of the message.

The 'Folder' parameter of the '/folderadd' and '/folderdelete' requests is not properly validated. A remote authenticated user can supply directory traversal characters in this parameter to create or delete arbitrary directories on the target system.
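All four issues above share one root cause: folder names and attachment filenames taken from the request are joined onto a filesystem path without being confined to the requesting user's mailbox. The following is an added example of the kind of check that closes this class of bug; it is not ArGoSoft's code, and the MAIL_ROOT layout, function names and sample requests are assumptions constructed for illustration.

```python
import os
import re

# Constructed layout, assumed for this example: one directory per mailbox user
# under MAIL_ROOT, each holding mail folders and a 'userdata.rec' file.
MAIL_ROOT = "/srv/mail/users"

# Allow-list for one path component (folder name, UIDL, attachment name):
# letters, digits, '.', '_' and '-' only, so '/', '\\' and '..' never pass.
_SAFE_COMPONENT = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")


def safe_component(value):
    """True if value may be used as a single folder or file name."""
    return (isinstance(value, str) and bool(_SAFE_COMPONENT.match(value))
            and value not in (".", ".."))


def resolve_mailbox_path(user, folder, filename=None):
    """Map a request's user/folder/filename to a path inside that user's
    mailbox directory, or raise ValueError on any traversal attempt."""
    parts = [user, folder] + ([filename] if filename is not None else [])
    for part in parts:
        if not safe_component(part):
            raise ValueError("rejected path component: %r" % (part,))
    user_root = os.path.realpath(os.path.join(MAIL_ROOT, user))
    candidate = os.path.realpath(os.path.join(user_root, *parts[1:]))
    # Independent second check: the canonical path must stay under user_root.
    if os.path.commonpath([user_root, candidate]) != user_root:
        raise ValueError("path escapes mailbox: %r" % (candidate,))
    return candidate


def audit_requests(requests):
    """Run (user, folder, filename) tuples through the resolver and report
    which were accepted, so the check can be verified against known inputs."""
    accepted = {}
    for req in requests:
        try:
            resolve_mailbox_path(*req)
            accepted[req] = True
        except ValueError:
            accepted[req] = False
    return accepted


# Constructed inputs modelled on the advisory: one legitimate download, then
# Folder values and attachment names aimed outside the user's own mailbox.
SAMPLE_REQUESTS = [
    ("alice", "INBOX", "report.pdf"),
    ("alice", "../bob/INBOX", "1234.msg"),
    ("alice", "INBOX", "../userdata.rec"),
    ("alice", "INBOX", "..\\..\\bob\\userdata.rec"),
]
```

Running `audit_requests(SAMPLE_REQUESTS)` accepts only the first request; the allow-list rejects the others before any path is built, and the realpath containment check catches anything that slips past a future relaxation of the allow-list.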

The vendor was notified on February 8, 2004.

The original advisory is available at:

http://www.security.org.sg/vuln/argosoftmail1873.html

Impact: A remote authenticated user can upload files to arbitrary locations on the target system.

A remote authenticated user can download arbitrary files (including other users' email).

A remote authenticated user can create or delete arbitrary directories on the target system.

Solution: The vendor has issued a fixed version (1.8.7.4), available at:

http://www.argosoft.com/mailserver/download.aspx