NetMailshar Professional Webmail Service Directory Traversal Vulnerability
BID:13293
Info
NetMailshar Professional Webmail Service Directory Traversal Vulnerability
| Bugtraq ID: | 13293 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 21 2005 12:00AM |
| Updated: | Apr 21 2005 12:00AM |
| Credit: | Dr_insane is credited with the discovery of this vulnerability. |
| Vulnerable: |
netMailshar netMailshar 4.0 |
| Not Vulnerable: | |
Discussion
NetMailshar Professional Webmail Service Directory Traversal Vulnerability
netMailshar Professional is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
This issue enables an attacker to disclose the contents of arbitrary files normally accessible to the application. Information gathered could be used to in further attacks against the underlying system.
This issue is reported to affect netMailshar version 4; earlier versions may also be vulnerable.
netMailshar Professional is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
This issue enables an attacker to disclose the contents of arbitrary files normally accessible to the application. Information gathered could be used to in further attacks against the underlying system.
This issue is reported to affect netMailshar version 4; earlier versions may also be vulnerable.
Exploit / POC
NetMailshar Professional Webmail Service Directory Traversal Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
NetMailshar Professional Webmail Service Directory Traversal Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
NetMailshar Professional Webmail Service Directory Traversal Vulnerability
References:
References:
- netMailshar Homepage (netMailshar)