Reported December 12, 2000 by XATO
Multiple vulnerabilities have been discovered in command-line mailers. Vulnerabilities range from Denial of Service (DoS) attacks to information leakage and the writing and retrieving of unauthorized data. DEMONSTRATION If
the mailer software is located in the /cgi-bin directory on the Web
server, a user can launch it with the following URL: [email protected]%20-t%20me@example.
com%20-a%20c:\logs\web.log Additionally, other problems include the ability to let INI and log files reside in the same directory as the mailer; override the default settings; modify hidden form variables; exploit debug modes; monitor all mail sent through the server; use the mailer as a bounce point for port scans; use the mailer as a bounce point for brute-force password attacks. VENDOR RESPONSE Check your vendors web site for fix and upgrade information. CREDIT |
Multiple Command Line SMTP Mailers Contain Vulnerabilities
1 comment
Hide comments