Test ID:	1.3.6.1.4.1.25623.1.0.57016
Category:	CGI abuses
Title:	IceWarp Web Mail < 5.5.1 Multiple Vulnerabilities
Summary:	NOSUMMARY
Description:	Description: The remote version of IceWarp, according to its version number, is vulnerable to multiple attacks, including cross site scripting attacks, directory traversal attacks allowing attackers to both delete arbitrary files and include arbitrary PHP files (code injection). Versios 5.5.1 and probably earlier versions are vulnerable. Solution : Upgrade to a later version. Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	BugTraq ID: 14980 BugTraq ID: 14986 BugTraq ID: 17995 Common Vulnerability Exposure (CVE) ID: CVE-2005-3131 http://www.securityfocus.com/bid/14980 Bugtraq: 20050930 Multiple vulnerabilities in Merak Mail Server 8.2.4r with Icewarp Web Mail 5.5.1 (Google Search) http://marc.info/?l=bugtraq&m=112810385104168&w=2 http://secunia.com/advisories/17046/ http://www.vupen.com/english/advisories/2005/1933 Common Vulnerability Exposure (CVE) ID: CVE-2005-3133 http://www.securityfocus.com/bid/14986 BugTraq ID: 14988 http://www.securityfocus.com/bid/14988 Common Vulnerability Exposure (CVE) ID: CVE-2006-2484 http://www.securityfocus.com/bid/17995 Bugtraq: 20060516 IceWarp Cross-Site Scripting(XSS) (Google Search) http://www.securityfocus.com/archive/1/434121/100/0/threaded http://securityreason.com/securityalert/925 XForce ISS Database: icewarpwebmail-phpsessid-xss(26680) https://exchange.xforce.ibmcloud.com/vulnerabilities/26680
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.