News
Contributed by: Lauren Gerber
Date: May 7, 2009
In computer security the work never ends: vulnerabilities are everywhere. This time, multiple vulnerabilities have been reported in the Merak Mail Server. Malicious individuals can exploit them to perform SQL injection attacks, script insertion attacks and the popular phishing attacks.
These vulnerabilities were discovered and reported by RedTeam Pentesting during a penetration test. It came to their attention that online attackers who are in control of users' web-based email accounts, as well as Groupware components, are able to execute arbitrary SQL SELECT statements. This enables them to read any data they wish from the web server's database that can be accessed through the IceWarp email server.
The particular product that was affected is the IceWarp email Server / WebMail Server. The vulnerabilities had multiple impacts, including security bypass, exposure of sensitive information, cross-site scripting and manipulation of specific data. According to RedTeam Pentesting, the IceWarp WebMail Server vulnerability is a high risk.
The product comes from IceWarp, a vendor you may or may not know. On its webpage, IceWarp describes a part of the WebMail Server Pro product as: "Feature complete yet easy to use, WebMail Server Pro provides feature rich Web 2.0 web-based access to email, calendars, contacts, files and shared data from any computer with browser and internet connection, without the usual configuration hassle."
The main risk, and the greatest cause for alarm, is the possibility of SQL injection attacks. It is vital for all users to know that affected versions include 9.4.1, and it is possible that various earlier versions are affected as well.
What can be done about this? The answer is fairly simple: it has been suggested that users update to version 9.4.2.