@Mail Multiple Local Information Disclosure Vulnerabilities
BID:30434
Info
@Mail Multiple Local Information Disclosure Vulnerabilities
| Bugtraq ID: | 30434 |
| Class: | Access Validation Error |
| CVE: |
CVE-2008-3395 |
| Remote: | No |
| Local: | Yes |
| Published: | Jul 30 2008 12:00AM |
| Updated: | May 07 2015 05:25PM |
| Credit: | injusticeinamerica |
| Vulnerable: |
AtMail @Mail 5.41 |
| Not Vulnerable: | |
Discussion
@Mail Multiple Local Information Disclosure Vulnerabilities
@Mail is prone to multiple information-disclosure vulnerabilities because the application fails to properly restrict access to sensitive files.
An unprivileged attacker may exploit these issues to obtain sensitive information.
@Mail 5.41 is vulnerable; other versions may also be affected.
@Mail is prone to multiple information-disclosure vulnerabilities because the application fails to properly restrict access to sensitive files.
An unprivileged attacker may exploit these issues to obtain sensitive information.
@Mail 5.41 is vulnerable; other versions may also be affected.
Exploit / POC
@Mail Multiple Local Information Disclosure Vulnerabilities
Attackers can exploit these issues using readily available tools or standard operating system commands.
Attackers can exploit these issues using readily available tools or standard operating system commands.
Solution / Fix
@Mail Multiple Local Information Disclosure Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].