Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

IMP 2.2.7 pen-test

From: "Bruno Kovacs" <bruno () saga com br>
Date: Fri, 5 Aug 2005 12:17:24 -0800
Hi,

I sent an email yersterday regarding pen-testing a linux system. After many
issues investigated,
I focused on pen-testing it´s IMP 2.2.7 webmail system, which is knows to
have interesting vulns.
( which soft is secure nowadays ?! )

Well, I could get the webserver directory information:
-----------
Notice: Passing locale category name as string is deprecated. Use the
LC_* -constants instead. in /servername/webmail/horde/imp/lib/postconf.php3
on line 27

Warning: Cannot add header information - headers already sent by (output
started at /netflash/webmail/horde/imp/lib/postconf.php3:27) in
/servername/webmail/phplib/session.inc on line 448

Warning: Cannot add header information - headers already sent by (output
started at /netflash/webmail/horde/imp/lib/postconf.php3:27) in
/servername/webmail/phplib/session.inc on line 449

Warning: Cannot add header information - headers already sent by (output
started at /netflash/webmail/horde/imp/lib/postconf.php3:27) in
/servername/webmail/phplib/session.inc on line 450

Warning: Cannot add header information - headers already sent by (output
started at /netflash/webmail/horde/imp/lib/postconf.php3:27) in
/servername/webmail/horde/imp/poppassd.php3 on line 38
-----------

Now, I know there is an SQL injection vulnerability on
http://www.securityfocus.com/bid/6559/references but I´m getting a little
difficulty on actually exploring it.

there are more two references about this issue:

http://www.securityfocus.com/archive/1/305701
http://www.securityfocus.com/archive/1/306268


Could anyone give some help in this ?  I checked it out and when I try to
access
the lib dir, I have no read permissions!


Thanks in regard

Bruno Kovacs (CCSE)
Saga Sistemas e Computadores S.A.
Tel: +55 21 2518-3161 - Ramal 25
bruno () saga com br


------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: