MailMarshal <= 6.2.1 tar Archive Traversal Arbitrary File Overwrite (deprecated)

High Nessus Network Monitor Plugin ID 4203


The remote host is vulnerable to a directory traversal flaw.


The remote host is running MailMarshal Mail Server version 6.2.1 or lower. There is a flaw in the remote version of this server. An attacker can create an archive file such that upon opening, critical system files would be overwritten with files of the attacker's choice. Successful exploitation would result in the attacker replacing arbitrary files.


Upgrade to a version higher than 6.2.1.

See Also

Plugin Details

Severity: High

ID: 4203

Family: SMTP Servers

Published: 2007/09/04

Updated: 2018/09/16

Dependencies: 2004, 2005

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:A/AC:M/Au:N/C:N/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

BID: 25523