Back to search
CVE-2001-1211
Published: Mar 15, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://support.ipswitch.com/kb/IM-20011219-DM01.htm
x_refsource_MISC
3766
vdb-entry
x_refsource_BID
http://support.ipswitch.com/kb/IM-20020301-DM02.htm
x_refsource_MISC
imail-admin-domain-change(7752)
vdb-entry
x_refsource_XF
20011231 IMail Web Service User Aliases / Mailing Lists Admin Vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now