CommuniGate Pro Referer Field Session Token Disclosure

medium Nessus Plugin ID 11567

Language:

Synopsis

The remote service has a session hijacking vulnerability.

Description

The remote install of CommuniGate Pro, according to its version number, is vulnerable to a flaw that could allow a remote attacker to access the mailbox of a targeted user.

To exploit such a flaw, an attacker needs to send an email to its victim with a link to an image hosted on a rogue server that will store the Referer field sent by the user user-agent, which contains the credentials used to access the victim's mailbox.

Solution

Upgrade to CommuniGate Pro version 4.1b2 or later.

See Also

https://seclists.org/bugtraq/2003/May/60

Plugin Details

Severity: Medium

ID: 11567

File Name: communigatepro_referer_field.nasl

Version: 1.20

Type: remote

Family: CGI abuses

Published: 5/5/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: cpe:/a:communigate:communigate_pro_core_server

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2003-1481

BID: 7501

CWE: 200