CVE-2004-1721 Information

Description

The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attackers to read arbitrary PHP files via a direct HTTP request to port 32000.

Reference

http://marc.info/?l=bugtraq&m=109279057326044&w=2 http://packetstormsecurity.nl/0408-exploits/merak527.txt http://secunia.com/advisories/12269 http://securitytracker.com/id?1010969 http://www.osvdb.org/9045 http://www.securityfocus.com/bid/10966 https://exchange.xforce.ibmcloud.com/vulnerabilities/17029