|
Brought to you by:
Suppliers of:
|
|
|
| |
Winmail Server is "an enterprise class mail server software system offering a robust feature set, including extensive security measures. Winmail Server supports SMTP, POP3, IMAP, Webmail, LDAP, multiple domains, SMTP authentication, spam protection, anti-virus protection, SSL/TLS security, Network Storage, remote access, Web-based administration, and a wide array of standard email options such as filtering, signatures, real-time monitoring, archiving, and public email folders".
Several scripts (chgpwd.php, domain.php and user.php) that come with Winmail Server have been found to disclose sensitive information on the remote hosts. |
| |
Credit:
The information has been provided by GSS IT.
|
| |
Vulnerable Systems:
* Winmail Server version 4.0 (Build 1112)
Exploit:
Access the following URL: http://127.0.0.1:6080/admin/chgpwd.php, as an alternative you can try and access the following pages domain.php, user.php found under the same directory.
Workaround:
You can edit c:\windows\winmail_php.ini change:
display_errors = On
To
display_errors = Off
|
|
|
|
|
