Info

Disclosure

Nov 18, 2005

Discovery

Oct 28, 2005

Dates

Exploit

Nov 18, 2005

Solution

Unknown

Description

Winmail Mail Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate "retid" variables upon submission to the badlogin.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

AMAX Information Technologies Inc.

Winmail Mail Server

4.2 (build 0824)

References

Bugtraq ID: 15493
Secunia Advisory ID: 16665
CVE ID: 2005-3692 (see also: NVD)
Related OSVDB ID: 20925 20927 20928
FrSIRT Advisory: ADV-2005-2485
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0580.html
Other Advisory URL: http://secunia.com/secunia_research/2005-58/advisory/
Vendor URL: http://www.magicwinmail.net/

Credit

Secunia Security Advisories - sec-advsecunia.com - Secunia

Direct URL: http://osvdb.org/36218