Vulnerabilities > CVE-2002-0532 - Unspecified vulnerability in Emumail Emumail, Emumail RED HAT Linux and Emumail Unix

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

emumail

NVD

Published: 2002-08-12

Updated: 2024-11-20

Summary

EMU Webmail allows local users to execute arbitrary programs via a .. (dot dot) in the HTTP Host header that points to a Trojan horse configuration file that contains a pageroot specifier that contains shell metacharacters.

Vulnerable Configurations

Part	Description	Count
Application	Emumail Emumail Emumail Unix 5.0 Emumail Emumail Unix 5.1 Emumail Emumail RED HAT Linux 5.0 Emumail Emumail RED HAT Linux 5.1 Emumail Emumail 3.0	5

References

http://online.securityfocus.com/archive/1/266930
http://online.securityfocus.com/archive/1/266930
http://www.iss.net/security_center/static/8836.php
http://www.iss.net/security_center/static/8836.php
http://www.osvdb.org/5270
http://www.osvdb.org/5270
http://www.securityfocus.com/bid/4488
http://www.securityfocus.com/bid/4488