Family: Remote file access --> Category: infos
IlohaMail Readable Configuration Files Vulnerability Scan
Vulnerability Scan Summary
Checks for Readable Configuration Files in IlohaMail
Detailed Explanation for this Vulnerability Test
The target is running at least one instance of IlohaMail that allows
anyone to retrieve its configuration files over the web. These files
may contain sensitive information. For example, conf/conf.inc may
hold a username / password used for SMTP authentication.
Solution : Upgrade to IlohaMail version 0.8.14-rc2 or later or
reinstall following the 'Proper Installation' instructions in the
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.