Vulnerabilities > CVE-2006-0127 - Directory Traversal vulnerability in MailSite
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote authenticated users to rename the folders of other users via a .. (dot dot) in the RENAME command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/040969.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041039.html
- http://secunia.com/advisories/18318
- http://www.osvdb.org/22229
- http://www.vupen.com/english/advisories/2006/0055
- http://zur.homelinux.com/Advisories/RockliffeMailsiteDirTransveral.txt