icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

MailMarshal <= 6.2.1 tar Archive Traversal Arbitrary File Overwrite

High

Synopsis

The remote host is vulnerable to a directory traversal flaw.

Description

The remote host is running MailMarshal Mail Server version 6.2.1 or lower. There is a flaw in the remote version of this server. An attacker can create an archive file such that upon opening, critical system files would be overwritten with files of the attacker's choice. Successful exploitation would result in the attacker replacing arbitrary files.

Solution

Upgrade to a version higher than 6.2.1.