---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: wMailserver Insecure Registry Permission and Denial of Service SECUNIA ADVISORY ID: SA16033 VERIFY ADVISORY: http://secunia.com/advisories/16033/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information, DoS WHERE: >From remote SOFTWARE: wMailserver 1.x http://secunia.com/product/5362/ DESCRIPTION: fRoGGz has discovered a security issue and a vulnerability in wMailserver, which be exploited by malicious, local users to gain knowledge of sensitive information or by malicious people to cause a DoS (Denial of Service). 1) The server's admin password is stored in the "Software\Darsite\MAILSRV\Admin" registry key under HKEY_CURRENT_CONFIG. This registry key is readable by non-privileged users on the system. 2) A boundary error when processing SMTP requests can be exploited to crash the service via a specially crafted request. The security issue and vulnerability have been confirmed in version 1.0. SOLUTION: Filter incoming traffic and allow only trusted IP addresses to connect to the server. Change the permissions of the registry key to disallow read access for non-privileged users. PROVIDED AND/OR DISCOVERED BY: fRoGGz, SecuBox Labs. ORIGINAL ADVISORY: SecuBox Labs: http://secubox.teria.org/portlet/articles.php?action=detail&aid=76 http://secubox.teria.org/portlet/articles.php?action=detail&aid=75 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------