|
Family: CGI abuses --> Category: infos
IMP SQL injection Vulnerability Scan
Vulnerability Scan Summary Checks IMP version
Detailed Explanation for this Vulnerability Test
The remote server is running IMP.
There is a bug in this release which allow a possible hacker to perform
an SQL injection attack by requesting :
/imp/mailbox.php3?actionID=6&server=x&imapuser=x'&pass=x
A possible hacker may use this flaw to gain unauthorized access to a user
mailbox or to take the control of the remote database.
Solution : Upgrade to the latest version
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|