ArGoSoft Mail Server AddNew Unauthenticated Access Vulnerability
BID:13323
Info
ArGoSoft Mail Server AddNew Unauthenticated Access Vulnerability
| Bugtraq ID: | 13323 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 22 2005 12:00AM |
| Updated: | Apr 22 2005 12:00AM |
| Credit: | ShineShadow <[email protected]> is credited with the discovery of this vulnerability. |
| Vulnerable: |
ArGoSoft Mail Server Pro 1.8.7 .6 |
| Not Vulnerable: | |
Discussion
ArGoSoft Mail Server AddNew Unauthenticated Access Vulnerability
ArGoSoft Mail Server is prone to an unauthenticated access vulnerability regarding the creation of new accounts.
This issue is due to a failure in the application to require authentication before accessing the 'addnew' script.
ArGoSoft Mail Server is prone to an unauthenticated access vulnerability regarding the creation of new accounts.
This issue is due to a failure in the application to require authentication before accessing the 'addnew' script.
Exploit / POC
ArGoSoft Mail Server AddNew Unauthenticated Access Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
ArGoSoft Mail Server AddNew Unauthenticated Access Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
ArGoSoft Mail Server AddNew Unauthenticated Access Vulnerability
References:
References:
- Mail Server Homepage (ArGoSoft)
- Multiple vulnerabilities in Argosoft Mail Server 1.8.7.6 (ShineShadow