HTTP: EMUmail.cgi Information Leak

This signature detects attempts to exploit a vulnerability in EMU Webmail. Versions 5.10 and earlier are vulnerable. Attackers can remotely send a maliciously crafted HTTP request, which contains the emumail.cgi script and a specified file name that is appended with a NULL byte character (%00), to view file contents.

Extended Description

Emumail is a web mail package available from Emumail, Inc. It is designed for use on Linux, Unix, and Windows systems. It may be possible for a remote user to gain access to some files through email. By supplying the full path to a file as an argument to the type= function of emumail.cgi, a user may be able to see the contents of the specified file. The request must end with a null character (%00).

Affected Products

Emumail emumail

References

BugTraq: 4435

CVE: CVE-2002-0531

URL: http://www.securityfocus.com/bid/4435 http://www.emumail.com/downloads/download_unix.html http://www.iss.net/security_center/static/8766.php

Short Name

HTTP:CGI:EMUMAIL-INFO-LEAK

Severity

Minor

Recommended

False

Recommended Action

None

HTTP: EMUmail.cgi Information Leak

Extended Description

Affected Products

References

Found a potential security threat?