CMailServer admin.asp XSS

2004-11-24T07:33:14
ID OSVDB:12133
Type osvdb
Reporter Tan Chew Keong (vuln@secunia.com)
Modified 2004-11-24T07:33:14

Description

Vulnerability Description

CMailServer contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate users' details (username, name, comments, etc.) before displaying them in admin.asp. A malicious user could therefore submit specially crafted user details via setpersoninfo.asp that execute arbitrary script in the WebMail administrator's browser, leading to a loss of integrity.

Solution Description

Upgrade to version 5.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
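As an added illustration, not code from CMailServer or from the advisory, the flow described above modelled in Python: user details saved through a profile-update page are later rendered into an administrator's user list, first verbatim (the flaw) and then with HTML encoding applied at output time (the classic ASP equivalent is Server.HTMLEncode). The user records, field names and function names are constructed for the example.

```python
import html

# Constructed sample of stored user details of the kind an admin page lists.
# The second record carries markup in its name and comment fields so the
# difference between the two renderers is visible.
USERS = [
    {"username": "alice", "name": "Alice Example", "comments": "sales team"},
    {"username": "mallory", "name": "M <b>Bold</b>",
     "comments": '<script>alert("stored xss")</script>'},
]
FIELDS = ("username", "name", "comments")


def render_admin_rows_vulnerable(users):
    """Mirrors the flaw: stored fields are concatenated into the admin page
    verbatim, so text saved via the profile page is parsed as markup."""
    rows = []
    for u in users:
        cells = "".join(f"<td>{u[f]}</td>" for f in FIELDS)
        rows.append(f"<tr>{cells}</tr>")
    return "\n".join(rows)


def render_admin_rows_fixed(users):
    """Same page, but every stored value is HTML-encoded at the point where
    text meets HTML. Input validation at storage time is defence in depth;
    output encoding is what actually removes the cross-site scripting."""
    rows = []
    for u in users:
        cells = "".join(f"<td>{html.escape(str(u[f]), quote=True)}</td>"
                        for f in FIELDS)
        rows.append(f"<tr>{cells}</tr>")
    return "\n".join(rows)


def stored_text_leaks_as_markup(rendered, users):
    """Review check: True if any stored value containing markup-significant
    characters (<, >, ") appears in the rendered page unencoded."""
    return any(
        any(ch in v for ch in '<>"') and v in rendered
        for u in users for v in (str(u[f]) for f in FIELDS)
    )


if __name__ == "__main__":
    print("vulnerable leaks markup:",
          stored_text_leaks_as_markup(render_admin_rows_vulnerable(USERS), USERS))
    print("fixed leaks markup:",
          stored_text_leaks_as_markup(render_admin_rows_fixed(USERS), USERS))
```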

References:

Vendor URL: http://www.youngzsoft.net/cmailserver/
Security Tracker: 1012324
Secunia Advisory ID: 13298
Related OSVDB ID: 12130
Related OSVDB ID: 12132
Related OSVDB ID: 12131
Other Advisory URL: http://www.security.org.sg/vuln/cmailserver52.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-11/0329.html
ISS X-Force ID: 18280
CVE ID: CVE-2004-1130
Bugtraq ID: 11742