IceWarp Merak Mail Server Password Disclosure Vulnerability
BID:12171
Info
IceWarp Merak Mail Server Password Disclosure Vulnerability
| Bugtraq ID: | 12171 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 16 2000 12:00AM |
| Updated: | Jul 16 2000 12:00AM |
| Credit: | This vulnerability was announced by the vendor. |
| Vulnerable: |
IceWarp Merak Mail Server 2.1 0.280 |
| Not Vulnerable: |
IceWarp Merak Mail Server 2.1 0.290 |
Discussion
IceWarp Merak Mail Server Password Disclosure Vulnerability
IceWarp Merak Mail Server is reportedly affected by a password disclosure vulnerability through the 'Web Admin' interface.
The vendor has reported that IceWarp Merak Mail 2.10.280 is affected, earlier versions may also be vulnerable but that has not been confirmed.
The vendor has addressed this issue in IceWarp Merak Mail 2.10.290 and later.
IceWarp Merak Mail Server is reportedly affected by a password disclosure vulnerability through the 'Web Admin' interface.
The vendor has reported that IceWarp Merak Mail 2.10.280 is affected, earlier versions may also be vulnerable but that has not been confirmed.
The vendor has addressed this issue in IceWarp Merak Mail 2.10.290 and later.
Exploit / POC
IceWarp Merak Mail Server Password Disclosure Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
IceWarp Merak Mail Server Password Disclosure Vulnerability
Solution:
The vendor has addressed this issue in IceWarp Merak Mail 2.10.290 and later.
IceWarp Merak Mail Server 2.1 0.280
Solution:
The vendor has addressed this issue in IceWarp Merak Mail 2.10.290 and later.
IceWarp Merak Mail Server 2.1 0.280
-
IceWarp Merak Mail Server Latest Downloadable Version
http://www.icewarp.com/download/merak.zip
References
IceWarp Merak Mail Server Password Disclosure Vulnerability
References:
References: