1st Class mail server 4.01 Directory Traversal and XSS vulnerabilities

Release Date:
April 8, 2004

Severity:
Medium

Vendor:
www.1cis.com

Systems Affected:
Microsoft Windows NT 4.0 (all versions)
Microsoft Windows 2000 (SP3 and earlier)
Microsoft Windows XP (all versions)
Microsoft Windows 9x

Services Affected:
Webmail service (80)


Details:
The 1st Class Mail Server is a small, scalable SMTP, POP3 and Web Mail server designed for small businesses and
individuals. Its simple design, ease of use, and low cost make the 1st Class Mail Server a cost effective product
that fits all your needs.
A vulnerability has been discovered on 1st class mail server that allow a malicious user to read arbitary files on
a system using "../"The vulnerability is caused due to an input validation error.

Second, some XSS attacks have been identified:
http://[host]/AUTH=[some_value]/user/viewmail.tagz?Site=www.hack.gr&Mailbox=3&MessageIndex=[html_code]>
http://[host]/AUTH=[some_value]/user/?Site=www.hack.gr&Mailbox=[html_code]
http://[host]/AUTH=[some_value]/user/members.tagz?Site=www.hack.gr&Mailbox=[html_code]
http://[host]/AUTH=[some_value]/user/general.tagz?Site=www.hack.gr&Mailbox=[html_code]
http://[host]/AUTH=[some_value]/user/advanced.tagz?Site=www.hack.gr&Mailbox=<[html_code]>
http://[host]/AUTH=[some_value]/user/list.tagz?Site=www.hack.gr&Mailbox=[html_code]

Credit:
Dr_insane
Http://members.lycos.co.uk/r34ct/


Feedback
Please send your comments to: dr_insane@pathfinder.gr








______________________________________________________________________________________
http://mobile.pathfinder.gr - Pathfinder Mobile logos & Ringtones! 
http://www.pathfinder.gr - Δωρεάν mail από τον Pathfinder!