PieterPost Anonymous Email Sending and Default Account

2003-11-29T05:27:34
ID OSVDB:2881
Type osvdb
Reporter OSVDB
Modified 2003-11-29T05:27:34

Description

Vulnerability Description

PieterPost contains a default account named "virtual" which requires no authentication. While this account is limited in privileges, it will allow any remote attacker to send/relay e-mail through the target system.

Technical Description

Requirements:
- Works only with the default configuration (localhost used as the POP3 server).
- Requires a "weak" MTA, i.e. one that accepts and relays mail submitted from localhost without further authentication.

Impact:
- Possible to change the From header of mail sent from localhost.

Solution Description

Upgrade to version 0.10.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

PieterPost contains a default account named "virtual" which requires no authentication. While this account is limited in privileges, it will allow any remote attacker to send/relay e-mail through the target system.

Manual Testing Notes

http://server.com/pp.php?action=login
Login as "virtual"

References:

Secunia Advisory ID: 10321
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-11/0345.html
ISS X-Force ID: 13866
Bugtraq ID: 9128