Blind Injection

Blog posvecen bezbednosti Microsoft tehnologija

Home
Contact

Wednesday, November 19, 2008 11:21 AM levaja

MDaemon web mail vulnerability

Ukoliko slučajno koristite popularni MDaemon mejl server, ažurirajte ga na najnoviju verziju pošto aktuelna (a možda i prethodne) omogućava admin pristup MDaemonu zlonamernim korisnicima putem XSS ranjivosti u parsiranju HTML tagova.

http://secunia.com/Advisories/32142/

Pozz!

# re: MDaemon web mail vulnerability

Friday, November 21, 2008 12:01 AM by Ivan Markovic

Idemo na sledecu verziju :)

# re: MDaemon web mail vulnerability

Friday, November 21, 2008 9:43 AM by levaja

Vec sam otisao na sledecu :)

Objavicu ovih dana ako me neko ne pretekne.

Mislim da je ocena Secunie (Moderately critical) niza nego sto bi trebala da bude, jer propust omogucava admin pristup mejl servisu, a i samom serveru ukoliko admin koristi isti pass i za oba.

Title (required)
Name: (required)
Website: (optional)
Comments (required)
Remember Me?

Blind Injection

Search

Tags

Community

Syndication

Archives

MDaemon web mail vulnerability

# re: MDaemon web mail vulnerability

# re: MDaemon web mail vulnerability

Leave a Comment