Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Remote file access >> IlohaMail Arbitrary File Access via Language Variable


Vulnerability Assessment Details

IlohaMail Arbitrary File Access via Language Variable

Vulnerability Assessment Summary
Checks for Arbitrary File Access via Language Variable vulnerability in IlohaMail

Detailed Explanation for this Vulnerability Assessment

The target is running at least one instance of IlohaMail version
0.7.10 or earlier. Such versions contain a flaw in the processing of
the language variable that permits an unauthenticated attacker to
retrieve arbitrary files available to the web user.

Solution : Upgrade to IlohaMail version 0.7.11 or later.
Network Security Threat Level: Medium

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004-2005 George A. Theall

Cables, Connectors


Dell PowerEdge 1950 Server (2) CPU 2.33GHz Intel Xeon E5345 12 GB RAM No HDD picture

Dell PowerEdge 1950 Server (2) CPU 2.33GHz Intel Xeon E5345 12 GB RAM No HDD

$89.99



HP Proliant BL460c G9 Blade Server Barebone No HDD No Caddies picture

HP Proliant BL460c G9 Blade Server Barebone No HDD No Caddies

$79.00



Dell PowerEdge M620 Blade Server 2x 8-Core Xeon E5-2680 2.7GHz 64GB RAM No HDDs picture

Dell PowerEdge M620 Blade Server 2x 8-Core Xeon E5-2680 2.7GHz 64GB RAM No HDDs

$70.00



Dell PowerEdge M610 Blade Server w/ Dual Xeon X5650 2.66GHz No RAM No HDD picture

Dell PowerEdge M610 Blade Server w/ Dual Xeon X5650 2.66GHz No RAM No HDD

$39.00



Dell PowerEdge FX2S Switched Rackmount 4-Node Blade Server Chassis + 2x PSU picture

Dell PowerEdge FX2S Switched Rackmount 4-Node Blade Server Chassis + 2x PSU

$299.95



Dell M600 PowerEdge Blade Server 2X Xeon E5430 picture

Dell M600 PowerEdge Blade Server 2X Xeon E5430

$29.99



HP Proliant BL460C G9 Barebones Blade Server picture

HP Proliant BL460C G9 Barebones Blade Server

$79.99



HP ProLiant BL460c G8 (Gen8) 2x 10-CORE E5-2680v2 2.80GHz 32GB RAM NO HDD picture

HP ProLiant BL460c G8 (Gen8) 2x 10-CORE E5-2680v2 2.80GHz 32GB RAM NO HDD

$99.99



HP BL460c G9 28-Core Server 2x E5-2690 v4 2.6GHz 192GB-32 H244br 2x 480GB SSD picture

HP BL460c G9 28-Core Server 2x E5-2690 v4 2.6GHz 192GB-32 H244br 2x 480GB SSD

$1684.42



HP BL460c G8 Blade 8-Core Server 2x E5-2609 2.4GHz 96GB-16 picture

HP BL460c G8 Blade 8-Core Server 2x E5-2609 2.4GHz 96GB-16

$449.13



Discussions

No Discussions have been posted on this vulnerability.