Sambar Server /cgi-bin/mailit.pl Arbitrary Mail Relay

medium Nessus Plugin ID 10417

Synopsis

The remote host has an application that allows unauthorized mail relaying.

Description

The Sambar web server is running and the 'mailit.pl' CGI is installed.
This CGI accepts a POST request from any host and sends mail to a supplied address.

Solution

Remove 'mailit.pl' from /cgi-bin.

Plugin Details

Severity: Medium

ID: 10417

File Name: sambar_mailit.nasl

Version: 1.27

Type: remote

Family: CGI abuses

Published: 5/25/2000

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: Settings/ParanoidReport, www/sambar

Vulnerability Publication Date: 1/1/2000