Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0798

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2006-0798
Last Modified 07 Mar 2011 09:30:49
Published 19 Feb 2006 04:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-0798

Summary

Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4.8.05.004 allow remote authenticated users to read e-mails of other users or create, modify, or delete directories via a .. (dot dot) in the argument to the (1) CREATE, (2) SELECT, (3) DELETE, or (4) RENAME commands.

Vulnerable Systems

Application

  • Macallan Mail Solution 4.8.03.025


References

BID - 16704

VUPEN - ADV-2006-0644

MISC - http://secunia.com/secunia_research/2006-4/advisory/

SECUNIA - 18775

MISC - http://macallan.club.fr/MMS/index.html

XF - macallan-imap-directory-traversal(24761)

OSVDB - 23269

SECTRACK - 1015647


Last Updated: 27 May 2016 10:41:48