Mailreader network.cgi enriched/richtext MIME Message XSS

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote host contains a CGI script that is vulnerable to a
cross-site scripting attack.

Description :

According to its banner, the version of Mailreader installed on the
remote host is affected by a remote HTML injection vulnerability due
to its failure to properly sanitize messages using a 'text/enriched'
or 'text/richtext' MIME type. An attacker can exploit this flaw by
sending a specially crafted message to a user who reads his mail with
Mailreader. Then, when the user reads that message, malicious HTML or
script code embedded in the message will be run by the user's browser
in the context of the remote host, enabling the attacker to steal
authentication cookies as well as perform other attacks.
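
The sanitization this class of flaw calls for, as an added example (not Mailreader's code and not part of the plugin): a text/enriched renderer that maps an allowlist of RFC 1896 formatting commands to fixed HTML tags and HTML-escapes everything else. The function name, the allowlist and the sample message are assumptions constructed for illustration.

```python
import html
import re

# Allowlisted text/enriched commands (RFC 1896) and the fixed HTML tag for each.
SAFE_TAGS = {"bold": "b", "italic": "i", "underline": "u", "fixed": "tt",
             "excerpt": "blockquote", "nofill": "pre"}

# "<<" is a literal "<"; "<name>" and "</name>" are formatting commands.
TOKEN = re.compile(r"<<|<(/?)([A-Za-z0-9-]{1,60})>")

# Constructed sample body, not taken from any real message.
SAMPLE = ("<bold>Hi</bold> <script>alert(1)</script> <<b> "
          "<img src=x onerror=y> <color><param>red</param>ok</color>")

def enriched_to_html(body: str) -> str:
    out, open_tags = [], []
    param_depth = 0   # > 0 while inside <param>...</param>
    pos = 0

    def emit_text(text):
        # Literal text is always escaped; <param> data is never rendered.
        if param_depth == 0:
            out.append(html.escape(text, quote=True))

    for m in TOKEN.finditer(body):
        emit_text(body[pos:m.start()])
        pos = m.end()
        if m.group(0) == "<<":
            emit_text("<")
            continue
        closing, name = m.group(1) == "/", m.group(2).lower()
        if name == "param":
            param_depth = max(0, param_depth + (-1 if closing else 1))
        elif param_depth == 0 and name in SAFE_TAGS:
            tag = SAFE_TAGS[name]
            if not closing:
                open_tags.append(tag)
                out.append(f"<{tag}>")
            elif open_tags and open_tags[-1] == tag:
                open_tags.pop()
                out.append(f"</{tag}>")
        # Any other command (unknown or mismatched) is dropped, never echoed.
    emit_text(body[pos:])
    out.extend(f"</{t}>" for t in reversed(open_tags))  # balance the output
    return "".join(out)

if __name__ == "__main__":
    print(enriched_to_html(SAMPLE))
```

Only tags from the allowlist ever reach the output, so markup supplied in the message body can appear in the page only as escaped text.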

Solution :

Upgrade to Mailreader 2.3.36 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:H/RL:OF/RC:ND)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 17661 (mailreader_html_injection.nasl)

Bugtraq ID: 12945

CVE ID: CVE-2005-0386