This script is Copyright (C) 2005-2012 Tenable Network Security, Inc.
The remote webmail server is affected by directory traversal and
cross-site scripting vulnerabilities.
The remote host is running Winmail Server, a commercial mail server for
Windows from AMAX Information Technologies.
The web interface that is used by Winmail Server for reading mail and
administering the server fails to sanitize user-supplied input to
various parameters and scripts. Beyond the usual cross-site scripting
attacks, this can also be leveraged by an unauthenticated attacker to
overwrite arbitrary files on the affected system, which could compromise
the system's integrity.
See also :
Unknown at this time.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 5.0
Public Exploit Available : true