ArGoSoft 1.8.x - Authentication Bypass

EDB-ID:

22604

CVE:

N/A


Author:

Ziv Kamir

Type:

remote


Platform:

Windows

Date:

2003-05-15


source: https://www.securityfocus.com/bid/7608/info

A vulnerability has been reported for ArGoSoft Mail Server FreeWare version. The problem occurs due to the FreeWare version of ArGoSoft failing to carry out sufficient authentication before granting access to the user management interface. As a result, an unauthorized user may be capable of tampering with sensitive server settings or user information. Access to this interface may also allow for the disclosure of sensitive information such as username or passwords. 

http://www.target.org/useradm