CVE-2006-2917

Опубликовано: 10 июл. 2006

Источник: nvd

CVSS2: 5.5

EPSS Низкий

Описание

Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.

Ссылки

http://secunia.com/advisories/20707
Patch
Vendor Advisory
http://secunia.com/secunia_research/2006-48/advisory/
Vendor Advisory
http://www.securityfocus.com/bid/18908
http://www.vupen.com/english/advisories/2006/2730
http://www.wingate.com/download.php
http://secunia.com/advisories/20707
Patch
Vendor Advisory
http://secunia.com/secunia_research/2006-48/advisory/
Vendor Advisory
http://www.securityfocus.com/bid/18908
http://www.vupen.com/english/advisories/2006/2730
http://www.wingate.com/download.php

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:qbik:wingate:6.1.2.1094:*:*:*:*:*:*:*

cpe:2.3:a:qbik:wingate:6.1.3.1096:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01717

Низкий

5.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-h95f-92vr-pf54

github

почти 4 года назад