MailMarshal <= 6.2.1 tar Archive Traversal Arbitrary File Overwrite (deprecated)

ID 4203.PRM
Type nessus
Reporter Tenable
Modified 2018-09-16T00:00:00


The remote host is running MailMarshal Mail Server version 6.2.1 or lower. There is a flaw in the remote version of this server. An attacker can create an archive file such that upon opening, critical system files would be overwritten with files of the attacker's choice. Successful exploitation would result in the attacker replacing arbitrary files.

                                            Binary data 4203.prm