Nessus Plugin #11271
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
IMail account hijack
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- Copyright (C) 2003 Michel Arboi
- Summary:
- Checks for version of IMail web interface
- Version:
- $Revision: 1.3 $
- Cve_id:
- -
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
The remote host is running IMail web interface.
In this version, the session is maintained via the URL. It
will be disclosed in the Referer field if you receive an
email with external links (e.g. images)
Solution : Upgrade to IMail 7.06
or turn off the 'ignore source address in security check' option.
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.