Alt-N WorldClient Default CGI Configuration Lets Remote Users Send Forged Mail Via the Server
SecurityTracker Alert ID: 1006058 |
|
CVE Reference: GENERIC-MAP-NOMATCH
|
Date: Feb 7 2003
|
Impact: Host/resource access via network
|
Description: AK Hooja reported a vulnerability in Alt-N's WorldClient web-based e-mail client. A remote user can relay mail with forged headers via the embedded MDaemon mail server.
It is reported that the default cgibase configuration (Form2Raw.cgi) allows a remote user to submit a specially crafted HTML form to send forged e-mail via the MDaemon server.
|
Impact: A remote user can send forged mail via the mail server.
|
Solution: No vendor solution was available at the time of this entry.
The author of the report has indicated that, as a workaround, you
can remove the cgibase2 config statement from the Worldclient.ini file:
CgiBase2=/Form2Raw.cgi
CgiFile2=C:\MDaemon\CGI\Form2Raw.exe
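The workaround above as an audit script, an added example rather than code from the advisory or from Alt-N: it finds every numbered CGI mapping that points at Form2Raw and drops both keys of that slot, including a slot whose URL alias was renamed. It assumes mappings always follow the CgiBase<N>/CgiFile<N> naming shown above; the function names and the sample file content are constructed.

```python
import re

# Matches the numbered CGI mapping keys shown in the advisory (CgiBase2 / CgiFile2).
# Assumption: other mappings follow the same CgiBase<N> / CgiFile<N> pattern.
CGI_KEY = re.compile(r"^\s*(CgiBase|CgiFile)(\d+)\s*=\s*(.*?)\s*$", re.IGNORECASE)


def find_form2raw_slots(ini_text):
    """Return the sorted slot numbers whose CgiBase or CgiFile value names Form2Raw."""
    slots = set()
    for line in ini_text.splitlines():
        m = CGI_KEY.match(line)
        if m and "form2raw" in m.group(3).lower():
            slots.add(int(m.group(2)))
    return sorted(slots)


def apply_workaround(ini_text):
    """Drop both keys of every Form2Raw slot; return (new_text, removed_lines)."""
    slots = set(find_form2raw_slots(ini_text))
    kept, removed = [], []
    for line in ini_text.splitlines():
        m = CGI_KEY.match(line)
        if m and int(m.group(2)) in slots:
            removed.append(line.strip())
        else:
            kept.append(line)
    return "\n".join(kept) + "\n", removed


# Constructed sample: only the two Form2Raw lines come from the advisory;
# the comment and the slot 1 entries are made up for illustration.
SAMPLE_INI = (
    "; constructed sample, not a real WorldClient.ini\n"
    "CgiBase1=/Example.cgi\n"
    "CgiFile1=C:\\Example\\Example.exe\n"
    "CgiBase2=/Form2Raw.cgi\n"
    "CgiFile2=C:\\MDaemon\\CGI\\Form2Raw.exe\n"
)

if __name__ == "__main__":
    hardened, removed = apply_workaround(SAMPLE_INI)
    for line in removed:
        print("removed:", line)
    print(hardened, end="")
```

Run it against a copy of the file first and compare the output with the original before replacing anything on the server.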
|
Vendor URL: www.altn.com/products/worldclient.asp
|
Cause: Access control error
|
Underlying OS: Windows (Any)
|
Reported By: "A K Hooja" <java@datainfosys.net>
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 7 Feb 2003 09:49:24 +0530
From: "A K Hooja" <java@datainfosys.net>
Subject: mdaemon mail relay vulnerability
|
CONTACT INFORMATION
===============================================================================
Let us know who you are:
Name : AK Hooja
E-mail : amithooja@users.sourceforge.net
Phone / fax : 091-141-2603141
Affiliation and address: 218 , sindhi colony , raja park opp nirankari bhawan jaipur -4
Rajasthan India
Have you reported this to the vendor? no
If so, please let us know whom you've contacted:
Date of your report :
Vendor contact name :
Vendor contact phone :
Vendor contact e-mail :
Vendor reference number :
If not, we encourage you to do so--vendors need to hear about
vulnerabilities from you as a customer.
POLICY INFO
===============================================================================
We encourage communication between vendors and their customers. When
we forward a report to the vendor, we include the reporter's name and
contact information unless you let us know otherwise.
If you want this report to remain anonymous, please check here:
___ Do not release my identity to your vendor contact.
Our vulnerability disclosure policy can be found at
http://www.kb.cert.org/vuls/html/disclosure
We encourage you to review this policy.
TECHNICAL INFO
===============================================================================
If there is a CERT Vulnerability tracking number please put it
here (otherwise leave blank): VU#______.
Please describe the vulnerability.
WorldClient web server (MDaemon mail server by altn) contains a
default cgibase configuration which allows anybody to relay forged header mails from mdaemon mail
server.
CgiBase2=/Form2Raw.cgi
CgiFile2=C:\MDaemon\CGI\Form2Raw.exe
Anybody can, with required input values through html form submit, relay emails from mdaemon mail server.
Field: from
Field: to
Field: cc
Field: subject
Field: Priority
Field: OnSuccess (not available when used with WorldClient)
Field: OnFailure (not available when used with WorldClient)
- - ---------------------------------
What is the impact of this vulnerability?
- - ----------------------------------------
The vulnerability can be seriously exploited by spammers, or mischievous people to send forged emails.
To your knowledge is the vulnerability currently being exploited?
- - ----------------------------------------------------------------
no
If there is an exploitation script available, please include it here.
- - --------------------------------------------------------------------
Do you know what systems and/or configurations are vulnerable?
- - -------------------------------------------------------------
[yes/no] (If yes, please list them below)
System : All
OS version : All
Verified/Guessed: Guessed
Are you aware of any workarounds and/or fixes for this vulnerability?
- - --------------------------------------------------------------------
[yes/no] (If you have a workaround or are aware of patches
please include the information here.)
Yes, remove the cgibase2 config, that is
CgiBase2=/Form2Raw.cgi
CgiFile2=C:\MDaemon\CGI\Form2Raw.exe
from Worldclient.ini
OTHER INFORMATION
===========================================================================
Is there anything else you would like to tell us?
nops