Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

VisNetic / Merak Mail Server multiple flaws Vulnerability Scan


Vulnerability Scan Summary
Checks for VisNetic Mail Server arbitrary script include

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote webmail server is affected by multiple vulnerabilities
which may allow a possible hacker to execute arbitrary commands on the remote
host.

Description:

The remote host is running VisNetic / Merak Mail Server, a
multi-featured mail server for Windows.

The webmail and webadmin services included in the remote version of
this software are prone to multiple flaws. A possible hacker could send
specially-crafted URLs to execute arbitrary scripts, perhaps taken
from third-party hosts, or to disclose the content of files on the
remote system.

See also :

http://secunia.com/secunia_research/2005-62/advisory/
http://www.deerfield.com/download/visnetic-mailserver/

Solution :

Upgrade to Merak Mail Server 8.3.5.r / VisNetic Mail Server version
8.3.5 or later.

Threat Level:

High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.