HTTP: IceWarp Mail Server Directory Traversal

This signature detects attempts to exploit a known vulnerability against IceWarp Mail Server. A successful attack can lead to directory traversal and arbitrary code execution.

Extended Description

Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via (1) a .. (dot dot) sequence in the file parameter to webmail/client/skins/default/css/css.php, or a .../. (dot dot dot slash dot) sequence in the (2) script or (3) style parameter to webmail/old/calendar/minimizer/index.php.

Affected Products

Icewarp mail_server

References

CVE: CVE-2015-1503

Short Name
HTTP:DIR:ICEWARP-MAILSRVR-LFI
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2015-1503 Directory IceWarp Mail Server Traversal
Release Date
01/30/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
False Positive
Unknown
Vendors

Icewarp

CVSS Score

7.8
