GEN:SID 1:2246
Message WEB-MISC webadmin.dll access
Summary This event is generated when an attempt is made to access WebAdmin from
a source external to the protected network.
Impact Information disclosure.
Detailed Information WebAdmin is a web application that allows remote administration of
MDaemon and RelayFax. A vulnerability exists in which the URI used by
WebAdmin discloses the installation location of MDaemon and RelayFax. An
attacker can also craft a URI that allows the reading of any file on the
system. This information might then be used in further attacks against
the host.
Affected Systems WebAdmin prior to 2.0.3
Attack Scenarios The attacker needs to log in to the server as an administrator and then use
WebAdmin.
Ease of Attack Simple. No exploit software required.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References Bugtraq archive:
http://www.securityfocus.com/archive/1/319735
Rule References bugtraq: 7438
bugtraq: 7439
bugtraq: 8024
cve: 2003-0471
nessus: 11771
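
A log-side check for the access described in the Summary, as an added example that is not part of the original rule documentation: it scans web server access-log lines for requests to webadmin.dll from addresses outside the protected network. The Common Log Format layout, the protected address ranges, the function names and the sample lines are constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

# Assumption: address ranges of the protected network (constructed values).
PROTECTED_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

# Common Log Format: client address first, request line in double quotes.
LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[[^\]]*\] "\S+ (?P<target>\S+)[^"]*"')

def is_external(src):
    """True when src lies outside every protected network."""
    addr = ipaddress.ip_address(src)
    return not any(addr in net for net in PROTECTED_NETS)

def normalized_path(target):
    """Return the lower-cased, percent-decoded path of a request target."""
    path = urlsplit(target).path
    for _ in range(3):  # decode repeatedly so double encoding is also caught
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/").lower()

def find_webadmin_access(lines):
    """Return (source, request target) for external requests to webadmin.dll."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        try:
            external = is_external(m["src"])
        except ValueError:  # client field is a hostname, not an address
            continue
        if external and "webadmin.dll" in normalized_path(m["target"]).split("/"):
            hits.append((m["src"], m["target"]))
    return hits

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Jun/2003:10:01:22 +0000] "GET /WebAdmin.dll HTTP/1.0" 200 512',
    '10.1.2.3 - - [12/Jun/2003:10:02:10 +0000] "GET /WebAdmin.dll HTTP/1.0" 200 512',
    '198.51.100.20 - - [12/Jun/2003:10:03:41 +0000] "GET /scripts/webadmin%2EDLL?a=b HTTP/1.0" 404 0',
    '203.0.113.7 - - [12/Jun/2003:10:04:05 +0000] "GET /index.html HTTP/1.0" 200 100',
]

if __name__ == "__main__":
    for src, target in find_webadmin_access(SAMPLE_LOG):
        print(f"external webadmin.dll access: {src} -> {target}")
```

The internal client at 10.1.2.3 is not reported, which mirrors the rule's scope of sources external to the protected network.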