Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WinGate < 6.1.4 Build 1099 IMAP Service Traversal Arbitrary Mail Access

Medium

Synopsis

The remote host is vulnerable to a Directory Traversal flaw.

Description

The remote host appears to be running WinGate Proxy Server, a Windows application for managing and securing Internet access. According to its banner, the version of WinGate installed on the remote host is affected by a directory traversal flaw in its IMAP service. An attacker exploiting this flaw would only need to be able to connect to the IMAP service port, authenticate and issue a malformed request. Successful exploitation would lead to a loss of confidential data.

Solution

Upgrade to version 6.1.4 Build 1099 or higher.