Microworld Mailscan 5.6.a Password Reveal Exploit

No description provided by source. / ---------------------------------------------------------------------------------------------- / / / \ \ / / / / / / \ | / / / / / // // / / |/ / //////|/ 2008 SecurityDevelopment.net Author: SlaYeR Date: 25. Aug. 2008 Email: [email protected]...

Microworld Mailscan 5.6.a - Password Reveal

/ ---------------------------------------------------------------------------------------------- / / / \ \ / / / / / / \ | / / / / / // // / / |/ / //////|/ 2008 SecurityDevelopment.net Author: SlaYeR Date: 25. Aug. 2008 Email: [email protected] Website:...

microworld-password.txt

/ ---------------------------------------------------------------------------------------------- / / / \ \ / / / / / / \ | / / / / / // // / / |/ / //////|/ 2008 SecurityDevelopment.net Author: SlaYeR Date: 25. Aug. 2008 Email: [email protected] Website:...

Microworld Mailscan 5.6.a Password Reveal Exploit

Exploit for unknown platform in category remote exploits ================================================= Microworld Mailscan 5.6.a Password Reveal Exploit ================================================= /...

Microworld Mailscan 5.6.a - Password Reveal

Microworld Mailscan 5.6.a - Password Reveal / ---------------------------------------------------------------------------------------------- / / / \ \ / / / / / / \ | / / / / / // // / / |/ / //////|/ 2008 SecurityDevelopment.net Author: SlaYeR Date: 25. Aug. 2008 Email:...

Cross site scripting

Cross-site scripting XSS vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI...

CVE-2008-3726

CVE-2008-3726 describes a cross-site scripting (XSS) vulnerability in MicroWorld Technologies’ MailScan web-based administration. The vulnerability allows an attacker to inject arbitrary web script or HTML via the URI, potentially affecting the MailScan Web Admin interface. Connected documents co...

CVE-2008-3727

Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. dot dot in the URI...

CVE-2008-3729

Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication and obtain administrative access via a direct request with 1 an IsAdmin=true cookie value or 2 no cookie...

MailScan Web管理接口多个安全漏洞

BUGTRAQ ID: 30700 MailScan是先进的邮件服务器实时杀毒和反垃圾邮件解决方案。 MailScan提供了基于Web的管理功能，管理控制台（Server.exe）是以LocalSystem权限运行在TCP 10443端口上的HTTP服务。该服务存在多个输入验证错误，允许恶意攻击者泄露敏感信息、执行跨站脚本或绕过某些安全限制。 1 远程攻击者可以向Web管理接口发送特制请求执行目录遍历攻击，下载任意文件。 2 Web管理接口没有正确地限制对某些页面的访问，攻击者可以绕过认证直接访问受保护的页面。 3...

Re: MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface

MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface ======================================================================== Affected Products - MailScan for Mail Servers Version: 5.6.a with espatch1 Win32 Platform Other Mailscan Products, Versions, also, if available for oth...