header-logo
Suggest Exploit
vendor:
Mail Server FreeWare
by:
SecurityFocus
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: Mail Server FreeWare
Affected Version From: FreeWare version
Affected Version To: FreeWare version
Patch Exists: NO
Related CWE: N/A
CPE: a:argosoft:mail_server_freeware
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

ArGoSoft Mail Server FreeWare Authentication Bypass Vulnerability

A vulnerability has been reported for ArGoSoft Mail Server FreeWare version. The problem occurs due to the FreeWare version of ArGoSoft failing to carry out sufficient authentication before granting access to the user management interface. As a result, an unauthorized user may be capable of tampering with sensitive server settings or user information. Access to this interface may also allow for the disclosure of sensitive information such as username or passwords.

Mitigation:

Ensure that authentication is properly implemented and enforced before granting access to the user management interface.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7608/info

A vulnerability has been reported for ArGoSoft Mail Server FreeWare version. The problem occurs due to the FreeWare version of ArGoSoft failing to carry out sufficient authentication before granting access to the user management interface. As a result, an unauthorized user may be capable of tampering with sensitive server settings or user information. Access to this interface may also allow for the disclosure of sensitive information such as username or passwords. 

http://www.target.org/useradm

Navigation

Suggest Exploit

Services By CQR