Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> CGI abuses >> IMP SQL injection

Vulnerability Assessment Details

IMP SQL injection
Vulnerability Assessment Summary
Checks IMP version

Detailed Explanation for this Vulnerability Assessment

The remote server is running IMP.

There is a bug in this release which permit a possible hacker to perform
an SQL injection attack by requesting :
/imp/mailbox.php3?actionID=6&server=x&imapuser=x'&pass=x

A possible hacker may use this flaw to gain unauthorized access to a user
mailbox or to take the control of the remote database.

Solution : Upgrade to the latest version
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Renaud Deraison
Cables, Connectors

Lot of 5 HP ELITEBOOK REVOLVE 810 G2 I7-4600U 2.10 GHZ 4GB RAM NO HD
$599.0		 Lot of 5 HP ELITEBOOK REVOLVE 810 G2 I7-4600U 2.10 GHZ 4GB RAM NO HD pictureOB HP Smart Buy ZBook Studio G5 15.6" Core i7-8750H 8GB RAM 256GB Win 10 Pro
$1299.0		 OB HP Smart Buy ZBook Studio G5 15.6Lenovo X1 Carbon 2nd Gen i7-4600U 2.1GHz 8GB RAM NO HD LCD ISSUE
$119.95		 Lenovo X1 Carbon 2nd Gen i7-4600U 2.1GHz 8GB RAM NO HD LCD ISSUE pictureCrucial 8GB Kit 2x 8GB DDR3L-1333 SODIMM CT8G3S1339M.M16FED MAC
$24.8		 Crucial 8GB Kit 2x 8GB DDR3L-1333 SODIMM CT8G3S1339M.M16FED MAC picture


Discussions

No Discussions have been posted on this vulnerability.