ID de Prueba:	1.3.6.1.4.1.25623.1.0.11780
Categoría:	Web application abuses
Título:	mailreader.com < 2.3.32 Multiple Vulnerabilities
Resumen:	mailreader.com is prone to multiple vulnerabilities.
Descripción:	Summary: mailreader.com is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2002-1581: Directory traversal vulnerability in nph-mr.cgi allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter. - CVE-2002-1582: compose.cgi, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi. Solution: Update to version 2.3.32 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1581 BugTraq ID: 6055 http://www.securityfocus.com/bid/6055 Bugtraq: 20021028 SCAN Associates Advisory : Multiple vurnerabilities on mailreader.com (Google Search) http://www.securityfocus.com/archive/1/297428 Debian Security Information: DSA-534 (Google Search) http://www.debian.org/security/2004/dsa-534 http://mailreader.com/download/ChangeLog http://www.iss.net/security_center/static/10490.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1582 BugTraq ID: 6058 http://www.securityfocus.com/bid/6058 http://www.mailreader.com/download/ChangeLog http://www.iss.net/security_center/static/10491.php
Copyright	Copyright (C) 2005 Michel Arboi

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.