exploit the possibilities

imd_advisory.txt

imd_advisory.txt
Posted Jan 30, 2005
Authored by Steven | Site lovebug.org

The webmail portion of Infinite Mobile Delivery 2.6 from Captaris, Inc. contains a Cross Site Scripting vulnerability. In addition to the XSS, an even smaller issue exists where a user can determine the installation path of the client and where e-mails are stored.

tags | exploit, xss
SHA-256 | ab16cccb8d5dac3bb83fa685da0c66ecaf107bea553a5bde32efb50a81721cbf

imd_advisory.txt

Change Mirror Download
Vendor:   Captaris, Inc.
Date: January 29, 2005
Issue: XSS in Infinite Mobile Delivery v2.6 Webmail
URL: http://www.capataris.com
Advisory: http://www.lovebug.org/imd_advisory.txt


Issue:

The webmail portion of the latest (and final) release of Infinite Mobile
Delivery contains a Cross Site Scripting vulnerability. In addition to
the XSS, an even smaller issue exists where a user can determine the
installation path of the client and where e-mails are stored.

A user once logged in can simply start writing scripting immediately after
their user name and it will be executed within the browser.

---

Example: http://www-webmailusersite-com/username/[XSS]

The server will respond with:

Unable to parse request for user blah:
[XSS]

---

Also, the server will return the installation path if an illegal windows
folder character or name is entered after 'Folder:' - For example, Windows
does not let you have folders containing < > * | : \ / ? or com1, com2,
etc.

Example: http://www-webmailusersite-com/username/Folder:?

The server will respond with:

Error creating file: [drive letter]:\file's\path\USERS\username\?.IDX


---


Solutions:

I am not aware of any solutions at this time.


Vendor Response:

The vendor was notified of the issue in November 2004. They also told me
that Captaris is no longer developing Infinite Mobile Delivery and that
there probably won't be any changs implemented. To the best of my
knowledge there will be no further releases and there is no fix available.

Credits:

The best University in Virginia (Virginia Tech) for providing me education
for the past 3.5 years and for having so much terrible cold weather which
has given me time to write this up.

Steven
steven@lovebug.org
Login or Register to add favorites

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close