[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

Information disclosure vulnerability in IceWarp Mail Server

ID: oval:org.secpod.oval:def:2516Date: (C)2011-10-13   (M)2022-10-10
Class: VULNERABILITYFamily: windows




The host is installed with IceWarp Mail Server before 10.3.3 and is prone to information disclosure vulnerability. A flaw is present in the application which invokes the phpinfo() function to return sensitive information about the system. Successful exploitation allows remote attackers to obtain configuration information via a direct request to the /server URI.

Platform:
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1
Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2012
Product:
IceWarp Mail Server
Reference:
CVE-2011-3580
CVE    1
CVE-2011-3580
CPE    6
cpe:/a:icewarp:mail_server:9.4.2
cpe:/a:icewarp:mail_server:9.3.2
cpe:/a:icewarp:mail_server:9.4.1
cpe:/a:icewarp:mail_server:9.3.1
...

© SecPod Technologies