A vulnerability was found in SpamTitan v5.08 (Anti-Spam Software) and classified as problematic. Affected by this issue is some unknown functionality of the component Setup-Relay. The manipulation with an unknown input leads to a cross site scripting vulnerability. Using CWE to declare the problem leads to CWE-80. The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages. Impacted is integrity.

The weakness was shared 12/19/2011 by Benjamin Kunz Mejri as VL-ID 91 as not defined advisory (Website). The advisory is shared for download at vulnerability-lab.com. The exploitation is known to be easy. The attack may be launched remotely. A simple authentication is required for exploitation. Successful exploitation requires user interaction by the victim. Technical details are unknown but a public exploit is available. The MITRE ATT&CK project declares the attack technique as T1059.007.

A public exploit has been developed by Benjamin Kunz Mejri and been published immediately after the advisory. The exploit is available at vulnerability-lab.com. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 95 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The entries 91183 and 91185 are related to this item.

Productinfo

Type

• Anti-Spam Software

Name

• SpamTitan

Version

• v5.08

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion