Описание
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2414
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26536
- http://dovecot.org/list/dovecot-cvs/2006-May/005563.html
- http://secunia.com/advisories/20308
- http://secunia.com/advisories/20315
- http://securityreason.com/securityalert/913
- http://www.debian.org/security/2006/dsa-1080
- http://www.dovecot.org/list/dovecot-news/2006-May/000006.html
- http://www.securityfocus.com/archive/1/433878/100/0/threaded
- http://www.securityfocus.com/bid/17961
- http://www.vupen.com/english/advisories/2006/2013
EPSS
CVE ID
Связанные уязвимости
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows r ...
EPSS