BID:23908

NetWin WebMail Unspecified Vulnerability

Info

NetWin WebMail Unspecified Vulnerability

Bugtraq ID:	23908
Class:	Unknown
CVE:	CVE-2007-2655
Remote:	Yes
Local:	No
Published:	May 09 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	The vendor disclosed this issue.
Vulnerable:	NetWin WebMail 3.1s-1 NetWin WebMail 3.1r-13 NetWin SurgeMail 3.8i2 NetWin SurgeMail 3.8i NetWin SurgeMail 3.8f3

Not Vulnerable:	NetWin WebMail 3.1s-4 NetWin SurgeMail 3.8i3

Discussion

NetWin WebMail Unspecified Vulnerability

NetWin Webmail is prone to an unspecified vulnerability.

Few technical details are currently available. We will update this BID as more information emerges.

Webmail versions prior to 3.1s-4 are vulnerable. NetWin SurgeMail versions prior to 3.8i3 are also affected because they are bundled with vulnerable Webmail packages.

Exploit / POC

NetWin WebMail Unspecified Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

NetWin WebMail Unspecified Vulnerability

Solution:
Fixes have been released to address this issue. Please see the references for more information.

NetWin SurgeMail 3.8i

NetWin SurgeMail 3.8i3
http://www.netwinsite.com/download.htm

NetWin SurgeMail 3.8i2

NetWin SurgeMail 3.8i3
http://www.netwinsite.com/download.htm

NetWin WebMail 3.1s-1

NetWin Webmail 3.1s-4
http://www.netwinsite.com/download.htm

References

NetWin WebMail Unspecified Vulnerability

References:

NetWin Homepage (NetWin Limited)
SurgeMail Change History (NetWin)