Winmail Server main.php file overwrite
| winmail-main-file-overwrite (23132) |  Medium Risk |
Description:
Magic Winmail Server could allow a remote attacker to overwrite arbitrary files on the system. A remote attacker could send a specially-crafted request to the admin/main.php script using the sid parameter to overwrite arbitrary files with session information using directory traversal attacks.
Platforms Affected:
- AMAX Information Technologies, Winmail Server 4.2 (Build 0824)
- Microsoft, Windows 2003 Server
Remedy:
No remedy available as of November 2008.
Consequences:
File Manipulation
References:
- Winmail Server Web site, Winmail EMail Server Document at http://www.magicwinmail.net/technic.asp.
- BID-15493: Magic Winmail Server Multiple Input Validation Vulnerabilities
- CVE-2005-3811: Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to overwrite arbitrary files with session information via the sid parameter.
- OSVDB ID: 20925: Winmail Server /admin/main.php sid Variable Traversal Arbitrary File Overwrite
- SA16665: Winmail Server Multiple Vulnerabilities
- VUPEN/ADV-2006-0858: Winmail Server Webmail Module Multiple Unspecified Security Vulnerabilities
Reported:
Nov 18, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net