Tripbit Security Advisory
TA-220603 


Severity: Medium/High
Application: VisNetic WebMail v.5.8.6.6
Platform: Windows
Class: Failure to Handle Exceptional Conditions
Release Date: June 20th, 2003
Vendor: http://www.deerfield.com


Overview

VisNetic MailServer: a multi-threaded, multiprocessor capable mail server that supports the most widely used mail protocols including SMTP, POP3, IMAP4 (including ACL) and LDAP. Each of these protocols can be secured using SSL/TLS and it can accommodate unlimited domains and accounts with built-in support for the VisNetic AntiVirus Plug-in. VisNetic WebMail: a web-based mail system providing access to e-mail using any web browser form.

• Details
A bug has been located in VisNetic WebMail which allows PHP source-code disclosure of any file, by appending a dot (".") to the end of the requested URL.


Example:


http://host:32000/mail/admin/../include.html.
http://host:32000/mail/admin/../settings.html.
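
Until a fix is available, requests of this shape can be found in the web server's access log. The following is an added detection example, not part of the original advisory or of the vendor's software; it assumes a Common Log Format access log, the function names are hypothetical, and the log lines are constructed from the two example URLs above.

```python
import re
from urllib.parse import unquote, urlsplit

# Request line inside a Common Log Format entry: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def has_trailing_dot(target: str) -> bool:
    """True if the last path segment is a file name ending in '.'.

    Segments that are exactly '.' or '..' are navigation, not file names,
    so they are not reported here. The query string is ignored.
    """
    path = urlsplit(target).path
    # Normalise percent-encoding so the check sees the decoded path.
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    segment = path.replace("\\", "/").rsplit("/", 1)[-1]
    if segment in ("", ".", ".."):
        return False
    return segment != segment.rstrip(".")


def suspicious_requests(log_lines):
    """Return (line_number, target) for each request with a trailing dot."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if match and has_trailing_dot(match.group("target")):
            hits.append((number, match.group("target")))
    return hits


# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Jun/2003:10:00:01 +0000] "GET /mail/index.html HTTP/1.0" 200 5120',
    '192.0.2.44 - - [20/Jun/2003:10:00:07 +0000] "GET /mail/admin/../include.html. HTTP/1.0" 200 2310',
    '192.0.2.44 - - [20/Jun/2003:10:00:09 +0000] "GET /mail/admin/../settings.html. HTTP/1.0" 200 1874',
    '192.0.2.10 - - [20/Jun/2003:10:00:12 +0000] "GET /mail/admin/.. HTTP/1.0" 302 0',
]

if __name__ == "__main__":
    for number, target in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {target}")
```

The same check can be applied in a reverse proxy or filter in front of the WebMail port to reject such requests before they reach the server.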

• Recommendation
No solution for the moment.

Vendor Response
The vendor has been notified and is working on a solution.

• Disclaimer
The information within this paper may change without notice. Use of this information constitutes acceptance for use in an 'AS IS' condition. There are 'NO' warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.

• Additional information
This vulnerability has been found and researched by:

posidron posidron@tripbit.org

rushjo rushjo@tripbit.org

• Availability
You can find the latest version of this warning under the following URL:

http://www.tripbit.org/advisories/TA-220603.html