Description
The Spam Quarantine Management (SQM) component of MailMarshal is vulnerable to multiple persistent cross-site scripting (XSS) vulnerabilities. Exploiting them can disclose private information or cause malicious files to be downloaded to other users’ computers, among other impacts.
The identified XSS vulnerabilities affect the “list of blocked senders” and “list of safe senders” functionality of MailMarshal SMTP. When an internal user A exploits the vulnerability against another user B via the “delegated spam management” functionality, user B’s session information could be exposed, enabling unauthorized access to user B’s intranet, or a malicious file or Trojan could be installed on user B’s computer.
Affected Versions
The vulnerability was discovered in MailMarshal SMTP 2006 version 6.2.1.3252.
The vendor has confirmed that all versions of MailMarshal SMTP between 6.0.3.8 and 6.3.0.0 are affected, including the MailMarshal e10000 appliance.
Mitigation
The vendor recommends upgrading to MailMarshal SMTP 6.4 or later. Alternatively, contact Marshal Technical Support for alternative courses of action.
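The two controls that close this bug class (validating sender-list entries on input and HTML-encoding them on output), shown as an added example written for this advisory; it is not MailMarshal code, and the sample entries and the address/domain patterns it accepts are constructed assumptions.

```python
import html
import re

# Constructed sample "safe senders" list as stored for a user; the third entry
# is markup that should never have been accepted as a sender.
SAMPLE_ENTRIES = [
    "alice@example.com",
    "*@partner.example.net",
    '"><b>not an address</b>',
]

# Assumed shape of a legitimate entry: a plain address, or *@domain.
_ADDRESS_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
_DOMAIN_PATTERN_RE = re.compile(r"^\*@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def is_valid_sender_entry(entry: str) -> bool:
    """Input validation: accept only an address or a *@domain pattern."""
    return bool(_ADDRESS_RE.match(entry) or _DOMAIN_PATTERN_RE.match(entry))


def filter_valid(entries):
    """Drop anything that is not a well-formed sender entry before storing it."""
    return [e for e in entries if is_valid_sender_entry(e)]


def render_unescaped(entries):
    """The vulnerable pattern: stored values interpolated straight into HTML,
    so a list shared through delegated management executes in the viewer's browser."""
    return "<ul>" + "".join(f"<li>{e}</li>" for e in entries) + "</ul>"


def render_escaped(entries):
    """Hardened pattern: HTML-encode every stored value at output time, so
    markup that slipped into the list is displayed as text, not interpreted."""
    return "<ul>" + "".join(f"<li>{html.escape(e, quote=True)}</li>" for e in entries) + "</ul>"


if __name__ == "__main__":
    print("vulnerable:", render_unescaped(SAMPLE_ENTRIES))
    print("hardened:  ", render_escaped(SAMPLE_ENTRIES))
    print("validated: ", filter_valid(SAMPLE_ENTRIES))
```

Both controls belong together: validation keeps the stored list clean, and output encoding protects the viewer even if an older, unvalidated entry is still in the list.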
Disclosure Timeline
24 June 2008: Vulnerabilities discovered and documented
24 June 2008: Vendor notified
30 September 2008: Original advisory published
MVSA-08-001
Dr. Marian Ventuneac