|
Cyclonic WebMail Allows Sending Emails Anonymously
|
|
Secunia Advisory:
|
SA10421
|
|
|
Release Date:
|
2003-12-12
|
|
Popularity:
|
7,989 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Hijacking
Security Bypass
Spoofing
Exposure of sensitive information
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Cyclonic WebMail 4.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution:
Protect Cyclonic with .htaccess or similar and restrict access to ensure that only users from trusted IP addresses can access the service.
Furthermore, the configuration file should be placed in a protected folder and all system folders such as "/logs/", "/users/", and "/sids/" should be protected using .htaccess or similar to ensure that ordinary users can't access them.
Alternatively, use another product.
Provided and/or discovered by:
Somers Raf
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
