Magic Winmail Server user.php cross-site scripting

magic-winmail-userphp-xss (19113) The risk level is classified as MediumMedium Risk

Description:

Magic Winmail Server is a POP3 and SMTP server for Microsoft Windows platforms. Magic Winmail Server version 4.0 Build 1112 and possibly earlier versions running on Microsoft Windows 2000 SP4 and Windows XP SP2 are vulnerable to cross-site scripting, caused by improper validation of user-supplied input in the user.php script. A remote attacker with an account on Winmail Server could create a entry using the userinfo.php script containing malicious embedded script, which would be executed in the Winmail Server administrator's Web browser, once the user.php script is used to view the malicious information. An attacker could use this vulnerability to steal the administrator's cookie-based authentication credentials.


Consequences:

Gain Access

Remedy:

Upgrade to the latest version of Magic Winmail Server (4.0 Build 1318 or later), available from the Winmail Server Web site. See References.

References:

  • BugTraq Mailing List, Thu Jan 27 2005 - 09:55:44 CST: Magic Winmail Server v4.0 Multiple Vulnerabilities.
  • Winmail Server Web site: Winmail Mail Server - Professional and Easy to Use.
  • BID-12388: Magic Winmail Server Multiple Vulnerabilities
  • CVE-2005-0314: Cross-site scripting (XSS) vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields.
  • SA14053: Winmail Server Multiple Vulnerabilities
  • SECTRACK ID: 1013017: Magic Winmail Server Input Validation Holes in Webmail and IMAP Services Allow Directory Traversal Attacks

Platforms Affected:

  • AMAX Information Technologies Winmail Server 4.0 (Build 1112)
  • Microsoft Windows 2000 SP4
  • Microsoft Windows XP SP2

Reported:

Jan 27, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page