MailPost slash cross-site scripting

mailpost-slash-xss (17951) The risk level is classified as MediumMedium Risk

Description:

MailPost is vulnerable to cross-site scripting. A remote attacker could embed malicious script in a specially-crafted executable file with a trailing slash, which would be executed in the victim's Web browser within the security context of the hosting site, once the link is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials and possibly obtain other sensitive information.

Platforms Affected:

  • TIPS, MailPost 5.1.1 and prior

Remedy:

No remedy available as of July 4, 2009.

Consequences:

Gain Access

References:

  • MailPost Web site, MailPost - The Form-to-Email solution at http://www.mcenter.com/mailpost/.
  • ProCheckUp Security Bulletin PR04-11, MailPost v5.1.1sv and possibly earlier versions are vulnerable to Cross Site Scripting. at http://www.procheckup.com/security_info/vuln_pr0411.html.
  • BID-11598: TIPS MailPost Error Message Cross-Site Scripting Vulnerability
  • CVE-2004-1101: mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute a cross-site scripting (XSS) attack via an HTTP request that contains a / (backslash) and arbitrary webscript before the requested file, which leaks the pathname and does not quote the script in the resulting Visual Basic error message.
  • US-CERT VU#596046: MailPost vulnerable to cross-site scripting via an executable requested with a trailing slash appended to the filename

Reported:

Nov 03, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page