Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> CGI abuses >> Sambar sendmail /session/sendmail

Vulnerability Assessment Details

Sambar sendmail /session/sendmail
Vulnerability Assessment Summary
Sambar /session/sendmail mailer installed ?

Detailed Explanation for this Vulnerability Assessment
The Sambar webserver is running. It provides a web interface for sending emails.
You may simply pass a POST request to /session/sendmail and by this send mails to anyone you want.
Due to the fact that Sambar does not check HTTP referrers you do not need direct access to the server!

Solution : Try to disable this module. There might be a patch in the future.

Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2000 Hendrik Scholz
Cables, Connectors


2U 12 Bay Supermicro 6028U-TR4T+ w/ X10DRU-i+ Wholesale Custom Build Your Server picture

2U 12 Bay Supermicro 6028U-TR4T+ w/ X10DRU-i+ Wholesale Custom Build Your Server

$300.99


Dell PowerEdge R630 Server 2x E5-2650 v4 2.80GHz 128GB DDR4 RAM picture

Dell PowerEdge R630 Server 2x E5-2650 v4 2.80GHz 128GB DDR4 RAM

$142.49


Dell Poweredge R730 2x Xeon E5-2670 v3 2.3ghz 24-Cores 32gb H730 iDracEnt picture

Dell Poweredge R730 2x Xeon E5-2670 v3 2.3ghz 24-Cores 32gb H730 iDracEnt

$174.99


Supermicro 2U 6028R-E1CR24N 24x LFF- Wholesale Build Your Own Storage Server picture

Supermicro 2U 6028R-E1CR24N 24x LFF- Wholesale Build Your Own Storage Server

$270.99


Dell PowerEdge R630 Server 2x E5-2697v3 2.60Ghz 28-Core 128GB H730P Rails picture

Dell PowerEdge R630 Server 2x E5-2697v3 2.60Ghz 28-Core 128GB H730P Rails

$295.00


HP ProLiant MicroServer Gen8 Server 12gb RAM I3-3240 NO HDD/OS picture

HP ProLiant MicroServer Gen8 Server 12gb RAM I3-3240 NO HDD/OS

$174.99


Dell PowerEdge R720 Server w 8 Trays 128Gb 80Gb SSD/2x4Tb 2x8c CPUs Proxmox picture

Dell PowerEdge R720 Server w 8 Trays 128Gb 80Gb SSD/2x4Tb 2x8c CPUs Proxmox

$340.00


Dell Poweredge R730xd 26-Bay SFF | 2x E5-2690 v3 2.6ghz 24-Cores | 64GB | Trays picture

Dell Poweredge R730xd 26-Bay SFF | 2x E5-2690 v3 2.6ghz 24-Cores | 64GB | Trays

$279.99


HP ProLiant DL380 Gen9 8SFF Server - E5-2698 v3 - 32 Cores- 128 GB Ram - 600 GB picture

HP ProLiant DL380 Gen9 8SFF Server - E5-2698 v3 - 32 Cores- 128 GB Ram - 600 GB

$229.00


HP ProLiant DL380 Gen10 8SFF Server - Intel Xeon Gold 6142 - 32 Cores- 128GB Ram picture

HP ProLiant DL380 Gen10 8SFF Server - Intel Xeon Gold 6142 - 32 Cores- 128GB Ram

$499.00


Discussions

No Discussions have been posted on this vulnerability.