CVE-2008-3729

Name of the Vulnerable Software and Affected Versions MailScan version 5.6.a espatch 1

Description The issue allows remote attackers to bypass authentication and gain administrative access. This can be achieved by making a direct request with either an IsAdmin cookie set to true or by not including a cookie in the request.

Recommendations For MailScan version 5.6.a espatch 1, consider restricting access to the Web Based Administration interface until a patch is available. As a temporary workaround, avoid using the Web Based Administration feature to minimize the risk of exploitation.