Vulnerability CVE-2011-3579


Published: 2011-09-30   Modified: 2012-02-13

Description:
server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
IceWarp Mail Server 10.3.2 Multiple Vulnerabilities
David Kirkpatric...
04.10.2011

Type:

CWE-399

(Resource Management Errors)

Vendor: Icewarp
Product: Mail server 
Version:
9.4.2
9.4.1
9.4.0
9.3.2
9.3.1
9.3.0
10.3.2
10.3.1
10.3.0
10.2.2
10.2.1
10.2.0
10.1.4
10.1.3
10.1.2
10.1.1
10.0.8
10.0.7
10.0.4
10.0.3

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
Partial

 References:
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt
http://xforce.iss.net/xforce/xfdb/70025
http://www.securityfocus.com/bid/49753
http://www.osvdb.org/75721
http://securitytracker.com/id?1026093
http://archives.neohapsis.com/archives/bugtraq/2011-09/0145.html

Related CVE
CVE-2019-12593
IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
CVE-2018-16324
In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.
CVE-2015-1503
Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash...
CVE-2017-7855
In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter.
CVE-2017-12844
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.
CVE-2011-3580
IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.
CVE-2009-1516
Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large value in the second argument to the Base64FileEncod...
CVE-2009-1468
Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware component in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) sql and ...

Copyright 2019, cxsecurity.com

 

Back to Top