Описание
Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x, and 2006, and MailMarshal for Exchange 5.x, allows remote attackers to write arbitrary files via ".." sequences in filenames in an ARJ compressed archive.
Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x, and 2006, and MailMarshal for Exchange 5.x, allows remote attackers to write arbitrary files via ".." sequences in filenames in an ARJ compressed archive.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-5487
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30188
- http://secunia.com/advisories/22806
- http://securityreason.com/securityalert/1857
- http://securitytracker.com/id?1017209
- http://www.marshal.com/kb/article.aspx?id=11450
- http://www.securityfocus.com/archive/1/451143/100/0/threaded
- http://www.securityfocus.com/bid/20999
- http://www.vupen.com/english/advisories/2006/4457
- http://www.zerodayinitiative.com/advisories/ZDI-06-039.html
Связанные уязвимости
nvd
около 19 лет назад
Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x, and 2006, and MailMarshal for Exchange 5.x, allows remote attackers to write arbitrary files via ".." sequences in filenames in an ARJ compressed archive.