OSVDB ID: 4118

Title: Magic Winmail Server LDapLib.PHP Path Disclosure

Info

Disclosure
Mar 01, 2004

Discovery
Mar 01, 2004

Dates

Exploit
Unknown

Solution
Unknown

Description

 Magic Winmail Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because the LDapLib.PHP file does not properly filter user input, which will disclose installation path information resulting in a loss of confidentiality.

Classification

 Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Confidentiality
Exploit: Exploit Available
OSVDB: Web Related

Solution

 Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

AMAX Information Technologies Inc.

Magic Winmail Server

 3.6

References

Credit
  • Dr_insane - dr_insaneBrand New Doo Doopathfinder.gr - Personal Page


Direct URL: http://osvdb.org/36218