[Dshield] OpenWebMail Vulnerabilities?

George Theall theall at tifaware.com
Thu Mar 24 20:31:37 GMT 2005

On Wed, Mar 23, 2005 at 01:36:50PM -0500, Jon R. Kibler wrote:

> Over the past couple of days we have seen innumerable log entries searching for openwebmail.pl, such as below:
> > (HOSTNAME DELETED) - - [23/Mar/2005:11:17:47 -0500] "GET /cgi-bin/openwebmail/openwebmail.pl HTTP/1.0" 404 228
> Is there some new vulnerability here? Google gives a bunch of links to
> a 2002/12 problem with v1.71, but does not show anything newer.  BTW,
> most (all?) of the scans appear to originate from Asia. 

Go to Bugtraq - <http://www.securityfocus.com/bid/vendor/> - and search
for "Open WebMail" or browse advisories issued by the developers -
<http://openwebmail.org/openwebmail/download/cert/advisories/>.  You'll
find several newer problems, including remote command execution,
although nothing terribly recent. 

theall at tifaware.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20050324/94980fa2/attachment.bin

More information about the list mailing list