Summary
The host is running Merak Mail Server and is prone to Cross-Site Script vulnerabilities.
Vulnerability:
- Error in cleanHTML function in server/inc/tools.php is related to the email view and incorrect processing of HTML filtering.
- Error in getHTML function in server/inc/rss/item.php is related to title, link, or description element in an RSS feed.
- Error exists in search form in server/webmail.php in the Groupware component via 'sql' and 'order_by' elements in an XML search query.
- Error occur in Forgot Password implementation in server/webmail.php via CRLF sequences preceding a Reply-To header in the subject element of an XML document.
Impact
Successful attacks will allow attackers to inject arbitrary web script or HTML script code via a specially crafted email in a user's browser session in the context of an affected site.
Impact Level: Application
Solution
Upgrade to Merak Mail Server 9.4.2
http://www.icewarp.com
Affected
Merak Mail Server prior to 9.4.2
References
- http://www.redteam-pentesting.de/advisories/rt-sa-2009-001
- http://www.redteam-pentesting.de/advisories/rt-sa-2009-002
- http://www.redteam-pentesting.de/advisories/rt-sa-2009-003
- http://www.redteam-pentesting.de/advisories/rt-sa-2009-004
- http://www.vupen.com/english/advisories/2009/1253
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-1467, CVE-2009-1468, CVE-2009-1469 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- An Image Gallery Directory Traversal Vulnerability
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability