VULHUB ™

The administrative interface for SLMail is reported to disclose information when requests containing directory traversals are made by unauthenticated users. Though it is not possible for an unauthenticated user to gain unauthorized access to files, SLMail will return a response which could allow the attacker to determine if a resource exists on the host or not.

The administrative interface for SLMail is reported to disclose information when requests containing directory traversals are made by unauthenticated users. Though it is not possible for an unauthenticated user to gain unauthorized access to files, SLMail will return a response which could allow the attacker to determine if a resource exists on the host or not.