icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

WinGate < 6.1.4 Build 1099 IMAP Service Traversal Arbitrary Mail Access

Medium

Synopsis

The remote host is vulnerable to a Directory Traversal flaw.

Description

The remote host appears to be running WinGate Proxy Server, a Windows application for managing and securing Internet access. According to its banner, the version of WinGate installed on the remote host is affected by a directory traversal flaw in its IMAP service. An attacker exploiting this flaw would only need to be able to connect to the IMAP service port, authenticate and issue a malformed request. Successful exploitation would lead to a loss of confidential data.

Solution

Upgrade to version 6.1.4 Build 1099 or higher.