Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57016
Category:CGI abuses
Title:IceWarp Web Mail < 5.5.1 Multiple Vulnerabilities
Summary:NOSUMMARY
Description:Description:

The remote version of IceWarp, according to its version
number, is vulnerable to multiple attacks, including
cross site scripting attacks, directory traversal attacks
allowing attackers to both delete arbitrary files and
include arbitrary PHP files (code injection).

Versios 5.5.1 and probably earlier versions are vulnerable.

Solution : Upgrade to a later version.

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: BugTraq ID: 14980
BugTraq ID: 14986
BugTraq ID: 17995
Common Vulnerability Exposure (CVE) ID: CVE-2005-3131
http://www.securityfocus.com/bid/14980
Bugtraq: 20050930 Multiple vulnerabilities in Merak Mail Server 8.2.4r with Icewarp Web Mail 5.5.1 (Google Search)
http://marc.info/?l=bugtraq&m=112810385104168&w=2
http://secunia.com/advisories/17046/
http://www.vupen.com/english/advisories/2005/1933
Common Vulnerability Exposure (CVE) ID: CVE-2005-3133
http://www.securityfocus.com/bid/14986
BugTraq ID: 14988
http://www.securityfocus.com/bid/14988
Common Vulnerability Exposure (CVE) ID: CVE-2006-2484
http://www.securityfocus.com/bid/17995
Bugtraq: 20060516 IceWarp Cross-Site Scripting(XSS) (Google Search)
http://www.securityfocus.com/archive/1/434121/100/0/threaded
http://securityreason.com/securityalert/925
XForce ISS Database: icewarpwebmail-phpsessid-xss(26680)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26680
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.