EUVD-2005-4552

Malware in sbrugna...

VisNetic Mail Server 8.3.5 - Multiple File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19002/info VisNetic Mail Server is prone to multiple local file-include vulnerabilities and a remote file includes vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied...

VisNetic Mail Server 8.3.5 - Multiple File Inclusions

VisNetic Mail Server 8.3.5 - Multiple File Inclusions source: https://www.securityfocus.com/bid/19002/info VisNetic Mail Server is prone to multiple local file-include vulnerabilities and a remote file includes vulnerability. These issues are due to a failure in the application to properly saniti...

VisNetic Mail Server 8.3.5 - Multiple File Inclusions

source: https://www.securityfocus.com/bid/19002/info VisNetic Mail Server is prone to multiple local file-include vulnerabilities and a remote file includes vulnerability. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these...

VisNetic / Merak Mail Server multiple flaws

The remote webmail server is affected by multiple vulnerabilities which may allow an attacker to execute arbitrary commands on the remote host. Description: The remote host is running VisNetic / Merak Mail Server, a multi-featured mail server for Windows. The webmail and webadmin services include...

VisNetic / Merak Mail Server multiple flaws

The remote webmail server is affected by multiple vulnerabilities which may allow an attacker to execute arbitrary commands on the remote host. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

CVE-2005-4556

PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when registerglobals is enabled, allows remote attackers to include arbitrary local and remote PHP files via a URL in the 1 langsettings and 2...

CVE-2005-4558

IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users to include...

CVE-2005-4559

mail/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly initialize the defaultlayout and layoutsettings variables when an unrecognized HTTPUSERAGENT string is provided, which allows remote attackers to acce...

CVE-2005-4556

PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when registerglobals is enabled, allows remote attackers to include arbitrary local and remote PHP files via a URL in the 1 langsettings and 2...

CVE-2005-4556

CVE-2005-4556 affects IceWarp Web Mail 5.5.1 (used by Merak Mail Server 8.3.0r and VisNetic Mail Server 8.3.0 build 1). When register_globals is on, remote attackers can exploit PHP remote file include via the lang_settings and language parameters in accounts/inc/include.php and admin/inc/include...

CVE-2005-4558

CVE-2005-4558 affects IceWarp Web Mail 5.5.1 (used by Merak Mail Server 8.3.0r and VisNetic Mail Server 8.3.0 build 1). The issue arises in mail/index.html where the language parameter lang_settings is not properly restricted before storage in the database, allowing remote authenticated users to ...

CVE-2005-4558

IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users to include...

CVE-2005-4557

dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte %00 in the lang parameter, possibly due to a directory traversal vulnerability...

VisNetic / Merak Mail Server Multiple Remote Vulnerabilities

The remote host is running VisNetic / Merak Mail Server, a multi- featured mail server for Windows. The webmail and webadmin services included in the remote version of this software are prone to multiple flaws. An attacker could send specially crafted URLs to execute arbitrary scripts, perhaps...

IceWarp Universal WebMail - dirinclude.html?lang Local File Inclusion

IceWarp Universal WebMail - dirinclude.html?lang Local File Inclusion source: https://www.securityfocus.com/bid/16069/info IceWarp Universal WebMail is prone to multiple input-validation vulnerabilities. Deerfield VisNetic Mail Server and Merak Mail Server integrate IceWarp Universal WebMail into...