Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2917

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2006-2917
Last Modified 07 Mar 2011 09:37:17
Published 10 Jul 2006 03:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-2917

Summary

Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.

Vulnerable Systems

Application

  • Qbik Wingate 6.1.2.1094

  • Qbik Wingate 6.1.3.1096


References

SECUNIA - 20707

MISC - http://www.wingate.com/download.php

VUPEN - ADV-2006-2730

BID - 18908

MISC - http://secunia.com/secunia_research/2006-48/advisory/


Last Updated: 27 May 2016 10:42:48