Woppoware PostMaster Multiple Input Validation and Information Disclosure Vulnerabilities
BID:13597
Info
Woppoware PostMaster Multiple Input Validation and Information Disclosure Vulnerabilities
| Bugtraq ID: | 13597 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 11 2005 12:00AM |
| Updated: | May 11 2005 12:00AM |
| Credit: | Dr_insane is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Woppoware PostMaster 4.2.2 |
| Not Vulnerable: | |
Discussion
Woppoware PostMaster Multiple Input Validation and Information Disclosure Vulnerabilities
PostMaster is prone to multiple input validation and information disclosure vulnerabilities.
These issue could permit a remote attacker to gain access to arbitrary user accounts, manipulate site content to perform cross-site scripting attacks, enumerate arbitrary files on the affected server or provide an attacker with additional information to aid in password brute force attacks.
These issues are reported to affect PostMaster version 4.2.2; other versions may also be vulnerable.
PostMaster is prone to multiple input validation and information disclosure vulnerabilities.
These issue could permit a remote attacker to gain access to arbitrary user accounts, manipulate site content to perform cross-site scripting attacks, enumerate arbitrary files on the affected server or provide an attacker with additional information to aid in password brute force attacks.
These issues are reported to affect PostMaster version 4.2.2; other versions may also be vulnerable.
Exploit / POC
Woppoware PostMaster Multiple Input Validation and Information Disclosure Vulnerabilities
No exploit is required.
No exploit is required.
Solution / Fix
Woppoware PostMaster Multiple Input Validation and Information Disclosure Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Woppoware PostMaster Multiple Input Validation and Information Disclosure Vulnerabilities
References:
References:
- PostMaster Homepage (Woppoware)