CVE-2004-1720
published 2004-08-17CVE-2004-1720: The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP…
PriorityP423medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
7.89%
94.0th percentile
The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since the path is leaked in web logs that may only be available to the administrators, who would have access to the path through legitimate means.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| merak | mail_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Merak Mail Server 7.4.5 - address.html Full Path Disclosure
exploitdb·2004-07-17
CVE-2004-1720 Merak Mail Server 7.4.5 - address.html Full Path Disclosure
Merak Mail Server 7.4.5 - address.html Full Path Disclosure
---
source: https://www.securityfocus.com/bid/10966/info
The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities.
The vulnerabilities reported are:
- Multiple cross-site scripting vulnerabilities
- An HTML injection vulnerability
- A PHP source code disclosure vulnerability
- An SQL injection vulnerability
These vulnerabilities are reported to exist in versions prior to 7.5.2.
/address.html?id=
Exploit-DB
VocalTec VGW120/VGW480 Telephony Gateway Remote H.225 - Denial of Service
exploitdb·2004-05-24
CVE-2004-2344 VocalTec VGW120/VGW480 Telephony Gateway Remote H.225 - Denial of Service
VocalTec VGW120/VGW480 Telephony Gateway Remote H.225 - Denial of Service
---
// source: https://www.securityfocus.com/bid/10411/info
It has been reported that the VocalTec VGW120 and VGW480 Telephony Gateways are prone to a remote denial of service vulnerability. The issue is reported to exist in the ASN.1/H.323/H.225 stack.
A remote attacker may exploit this issue to deny service to the affected appliances.
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define H323_SIGNAL_PORT 1720
unsigned char kill_buff[] = {\
0x03, 0x00, 0x01, 0x57, 0x08, 0x02, 0x00, 0x04, 0x05, 0x04, 0x03, 0x80, 0x90, 0xa5, 0x6c, 0x0b,
0x81, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x70, 0x0c, 0x81, 0x31, 0x32,
0x33, 0x34, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=109279057326044&w=2http://packetstormsecurity.nl/0408-exploits/merak527.txthttp://secunia.com/advisories/12269http://securitytracker.com/id?1010969http://www.osvdb.org/9043http://www.securityfocus.com/bid/10966https://exchange.xforce.ibmcloud.com/vulnerabilities/17027http://marc.info/?l=bugtraq&m=109279057326044&w=2http://packetstormsecurity.nl/0408-exploits/merak527.txthttp://secunia.com/advisories/12269http://securitytracker.com/id?1010969http://www.osvdb.org/9043http://www.securityfocus.com/bid/10966https://exchange.xforce.ibmcloud.com/vulnerabilities/17027
2004-08-17
Published