MailScan WebAdministrator Cookie Authentication Bypass

high Nessus Plugin ID 33903

Synopsis

It is possible to bypass authentication and gain administrative access to a web application on the remote host.

Description

The remote host is running MailScan for Mail Servers, an antivirus / antispam product for mail servers.

The version of MailScan installed on the remote host allows an attacker to bypass authentication and gain administrative access to the application by sending requests without any cookies.

Note that a number of other vulnerabilities have been reported in MailScan along with this, although Nessus has not checked for them.

Solution

Unknown at this time.

See Also

http://www.oliverkarow.de/research/mailscan.txt

https://www.securityfocus.com/archive/1/495502/30/0/threaded

Plugin Details

Severity: High

ID: 33903

File Name: mailscan_admin_bypass.nasl

Version: 1.18

Type: remote

Family: CGI abuses

Published: 8/17/2008

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Exploited by Nessus: true

Reference Information

CVE: CVE-2008-3729

BID: 30700

CWE: 287