@Mail filter.pl Multiple Variable XSS

2005-07-28T12:33:49
ID OSVDB:18340
Type osvdb
Reporter Lostmon Lords(Lostmon@gmail.com)
Modified 2005-07-28T12:33:49

Description

Vulnerability Description

@Mail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple variables upon submission to filter.pl script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Calacode has released a patch for version 4.11 to address this vulnerability.

Short Description

@Mail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple variables upon submission to filter.pl script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://[victim]/webadmin/filter.pl?func=viewmailrelay&Order=IPaddress[XSS-CODE] http://[victim]/webadmin/filter.pl?func=filter&Header=blacklist_from&Type=1[XSS-CODE]&View=1 http://[victim]/webadmin/filter.pl?func=filter&Header=blacklist_from[XSS-CODE]&Type=1&View=1 http://[victim]/webadmin/filter.pl?func=filter&Header=whitelist_from&Type=0&Display=1&Sort=value[XSS-CODE]&Type=1&View=1

References:

Vendor URL: http://www.atmail.com/ Secunia Advisory ID:16252 Related OSVDB ID: 18339 Related OSVDB ID: 18338 Related OSVDB ID: 18337 Other Advisory URL: http://lostmon.blogspot.com/2005/07/mail-multiple-variable-cross-site.html