CVE-2006-2308
Summary
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands.
- LOW
- NETWORK
- SINGLE
- PARTIAL
- PARTIAL
- NONE
References
Advisory Timeline
- Published