Summary
The remote host is running the ArGoSoft WebMail interface.
There are multiple flaws in this interface which may allow an attacker to bypass authentication, inject HTML in the e-mails read by the users and even to read arbitrary files on that server.
*** OVS solely relied on the banner of this service to issue *** this alert.
Solution
Upgrade to ArGoSoft 1.8.7.0 or newer
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
- Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
- Apache CouchDB Cross Site Request Forgery Vulnerability
- Apache Continuum Cross Site Scripting Vulnerability
- Apache Tomcat source.jsp malformed request information disclosure