Vulnerability Description
MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Icewarp | Web Mail | 5.5.1 |
| Merak | Mail Server | 8.2.4r |
References
- http://marc.info/?l=bugtraq&m=112810385104168&w=2
- http://secunia.com/advisories/17046/Vendor Advisory
- http://www.vupen.com/english/advisories/2005/1933
- http://marc.info/?l=bugtraq&m=112810385104168&w=2
- http://secunia.com/advisories/17046/Vendor Advisory
- http://www.vupen.com/english/advisories/2005/1933
FAQ
What is CVE-2005-3132?
CVE-2005-3132 is a vulnerability with a CVSS score of 5.0 (MEDIUM). MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the ...
How severe is CVE-2005-3132?
CVE-2005-3132 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3132?
Check the references section above for vendor advisories and patch information. Affected products include: Icewarp Web Mail, Merak Mail Server.