[27320] in bugtraq


ArGoSoft Web-Mail security problem

daemon@ATHENA.MIT.EDU (Z0rbaS)
Mon Oct 7 13:39:14 2002

Content-Type: text/plain;
  charset="us-ascii"
From: Z0rbaS <zorbas@systat.cl>
To: bugtraq@securityfocus.com
Date: Sun, 6 Oct 2002 23:05:14 -0400
MIME-Version: 1.0
Message-Id: <200210062305.14564.zorbas@systat.cl>
Content-Transfer-Encoding: 8bit

ArGoSoft Web-Mail security problem.

A vulnerability affects ArGoSoft Mail Server Pro for WinNT/2000/XP
(Version 1.8.1.9).
I did not test other versions; this is the only one I have, but others should be
vulnerable too. The problem is in the Web-Mail interface: it is possible to
execute JavaScript by sending it inside a mail. ArGoSoft does not filter
that, and you can steal the cookie from the user. The cookie has a problem
too: it saves the username and the password in plain text. You only have to
decode the cookie, and you have something like this:

mail@domain:password

I would deactivate the Web-Mail interface until a patch is released.


Francisco Claude
zorbas@systat.cl

P.S. Sorry for my bad English.
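
The two defects reported above (unfiltered script in rendered mail, credentials stored in the cookie) map to two server-side controls, shown here as an added example that is not part of the original post and is not ArGoSoft code. All names (`MailSanitizer`, `sanitize_mail_html`, `issue_session_cookie`, `SESSIONS`) and the tag allow-list are assumptions made for illustration.

```python
import html
import secrets
from html.parser import HTMLParser
from urllib.parse import urlsplit
ALLOWED_TAGS = {"p", "br", "b", "i", "u", "em", "strong", "ul", "ol", "li", "pre", "a"}
DROP_WITH_CONTENT = {"script", "style", "iframe", "object", "embed"}
SAFE_SCHEMES = {"http", "https", "mailto"}
SESSIONS = {}  # server-side store, token -> username (in-memory for this example)

def safe_href(value):
    try:
        value = (value or "").strip()
        # Only allow-listed schemes pass; javascript:, data: and relative links do not.
        return value if urlsplit(value).scheme.lower() in SAFE_SCHEMES else None
    except ValueError:
        return None

class MailSanitizer(HTMLParser):
    """Rebuild the message body from allow-listed tags; all else is dropped or escaped."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0
    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1
        elif not self.skip and tag in ALLOWED_TAGS:
            href = safe_href(dict(attrs).get("href")) if tag == "a" else None
            # Attributes are never copied through, so on*= handlers cannot survive.
            self.out.append('<a href="%s" rel="noopener noreferrer">' % html.escape(href)
                            if href else "<%s>" % tag)
    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in ALLOWED_TAGS and tag != "br":
            self.out.append("</%s>" % tag)
    def handle_data(self, data):
        if not self.skip:
            self.out.append(html.escape(data))

def sanitize_mail_html(body):
    parser = MailSanitizer()
    parser.feed(body)
    parser.close()
    return "".join(parser.out)

def issue_session_cookie(username):
    """Cookie carries only a random token; HttpOnly keeps page script from reading it."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = username
    return "session=%s; HttpOnly; Secure; SameSite=Strict; Path=/" % token
```

The password is checked once at login and never placed in the cookie, so a leaked cookie exposes one revocable session rather than the mailbox credentials.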


