MailMarshal contains a flaw that may allow an attacker to modify arbitrary accounts via the Spam Quarantine interface. The issue is due to the password reset feature in the HTTP interface not properly sanitizing user supplied input. By sending a crafted string in the UserID variable with a large amount of trailing whitespace characters, an attacker can trigger an SQL buffer truncation and modify arbitrary accounts.
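Added illustration (not MailMarshal code) of the truncation class of bug described above, using a constructed model of a fixed-width database column that silently truncates oversize values and ignores trailing spaces on comparison; the column width, account data and identifier alphabet are assumptions, and the hardened variant shows the input check the vulnerable reset path lacks.

```python
import re

# Constructed model: a legacy fixed-width column that truncates oversize input
# and treats trailing spaces as insignificant. The width is an assumption.
COLUMN_WIDTH = 20


def db_normalize(value, width=COLUMN_WIDTH):
    """What the database actually stores/compares for a submitted value."""
    return value[:width].rstrip(" ")


def make_accounts():
    """Constructed sample account table keyed by the stored identifier."""
    return {"admin": {"id": "admin", "password": "s3cret"}}


def vulnerable_reset(accounts, user_id, new_password):
    """Pre-fix pattern: the UserID goes to the database unvalidated, so a
    padded identifier collapses onto an existing account after truncation."""
    target = db_normalize(user_id)
    if target in accounts:
        accounts[target]["password"] = new_password
        return target
    return None


# Only identifiers the column can hold byte-for-byte: no whitespace, no
# oversize input. The alphabet is an assumption for this example.
USER_ID_RE = re.compile(r"[A-Za-z0-9._@-]{1,%d}" % COLUMN_WIDTH)


def is_valid_user_id(user_id):
    return USER_ID_RE.fullmatch(user_id) is not None


def hardened_reset(accounts, user_id, new_password):
    """Fixed pattern: reject anything that would not survive storage unchanged,
    then confirm the stored identifier is exactly the one requested."""
    if not is_valid_user_id(user_id):
        raise ValueError("invalid UserID")
    stored = accounts.get(user_id)
    if stored is None or stored["id"] != user_id:
        return None
    stored["password"] = new_password
    return user_id
```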
Upgrade to version 6.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Secunia Advisory ID: 26018
Other Advisory URL: http://www.sec-1labs.co.uk/advisories/BTA_Full.pdf
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0323.html
CVE-2007-3796
Bugtraq ID: 24936