The Spam Quarantine Management (SQM) component of MailMarshal is vulnerable to multiple persistent cross-site scripting (XSS) vulnerabilities. Exploiting them allows disclosure of private information, the downloading of malicious files onto other users' computers, and similar attacks.
The identified XSS vulnerabilities affect the "list of blocked senders" and "list of safe senders" functionality of MailMarshal SMTP. When an internal user A exploits the vulnerability and uses it against another user B via the "delegated spam management" functionality, this could expose user B's session information, enable unauthorized access to user B's intranet, or install a malicious file or Trojan on user B's computer.
The vulnerability was discovered in MailMarshal SMTP 2006 version 188.8.131.5252.
The vendor has confirmed that all versions of MailMarshal SMTP between 184.108.40.206 and 220.127.116.11 are affected, including the MailMarshal e10000 appliance.
The vendor recommends upgrading to MailMarshal SMTP 6.4 or later. Otherwise, please contact Marshal Technical Support for other courses of action.
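The sender-list entries described above are stored by one user and later rendered into another user's browser, which is the shape of a persistent XSS. The following is an added illustration, not MailMarshal code and not from the advisory author: it contrasts an unescaped rendering with two defender-side controls, an input allowlist for sender entries and HTML output encoding. The entry syntax (`user@domain` or `*@domain`) and the sample list are assumptions constructed for the example.

```python
import html
import re

# Assumed entry syntax for a safe/blocked sender list (an assumption for this
# example, not MailMarshal's actual grammar): a full address "user@domain" or a
# domain wildcard "*@domain". Anything else is rejected at input time.
_LOCAL = r"[A-Za-z0-9._%+-]+"
_DOMAIN = r"[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+"
SENDER_PATTERN = re.compile(rf"^(?:{_LOCAL}|\*)@{_DOMAIN}$")


def validate_sender_entry(entry: str) -> bool:
    """Input-side control: accept only entries that look like a sender pattern."""
    entry = entry.strip()
    return len(entry) <= 254 and SENDER_PATTERN.fullmatch(entry) is not None


def render_sender_list_unsafe(entries):
    """The defect behind a persistent XSS: stored text is concatenated into HTML verbatim."""
    return "<ul>" + "".join(f"<li>{e}</li>" for e in entries) + "</ul>"


def render_sender_list(entries):
    """Output-side control: HTML-escape every entry, whatever was stored."""
    return "<ul>" + "".join(f"<li>{html.escape(e, quote=True)}</li>" for e in entries) + "</ul>"


def accepted_entries(entries):
    """Apply the input allowlist; returns only entries a hardened SQM would store."""
    return [e.strip() for e in entries if validate_sender_entry(e)]


# Constructed sample list: two legitimate entries and one carrying markup, standing
# in for what user A could store and user B would later view via delegated management.
SAMPLE_ENTRIES = [
    "newsletter@example.com",
    "*@spam-example.net",
    "<script>x</script>@example.com",
]

if __name__ == "__main__":
    print("unsafe :", render_sender_list_unsafe(SAMPLE_ENTRIES))
    print("escaped:", render_sender_list(SAMPLE_ENTRIES))
    print("allowed:", accepted_entries(SAMPLE_ENTRIES))
```

Both controls are worth applying together: the allowlist keeps junk out of the stored list, and output encoding protects the view even if an entry reached storage by another path.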
24 June 2008: Vulnerabilities discovered and documented
24 June 2008: Vendor notified
30 September 2008: Original advisory published
Dr. Marian Ventuneac