CVE-2006-5210 - Directory Traversal Information Disclosure vulnerability in IronWebMail
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | NONE |
Availability impact | NONE |
Summary
Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-URL-encoded "../" sequences ("%252e%252e/"). This vulnerability is addressed in the following product update: CipherTrust, IronMail, 6.1.1 HotFix-17.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 6 |
Exploit-Db
description | IronWebMail 6.1.1 Directory Traversal Information Disclosure Vulnerability. CVE-2006-5210. Webapps exploit for php platform |
id | EDB-ID:28778 |
last seen | 2016-02-03 |
modified | 2006-10-16 |
published | 2006-10-16 |
reporter | Derek Callaway |
source | https://www.exploit-db.com/download/28778/ |
title | ironwebmail <= 6.1.1 - Directory Traversal information disclosure Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | IRONWEBMAIL_PATHNAME_DIR_TRAVERSAL.NASL |
description | The remote host appears to be an IronMail appliance, which is intended to protect enterprise-class email servers from spam, viruses, and hackers. The webmail component of the remote IronMail device does not properly validate pathname references included in a URL before using them to return the contents of files on the remote host. An unauthenticated attacker can leverage this flaw to read arbitrary files and directories on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 22901 |
published | 2006-10-20 |
reporter | This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/22901 |
title | IronMail IronWebMail IM_FILE Identifier Encoded Traversal Arbitrary File Access |
References
- http://secunia.com/advisories/22406
- http://securityreason.com/securityalert/1726
- http://securitytracker.com/id?1017069
- http://www.securityfocus.com/archive/1/448779/100/0/threaded
- http://www.securityfocus.com/bid/20436
- http://www.symantec.com/enterprise/research/SYMSA-2006-010.txt
- http://www.vupen.com/english/advisories/2006/4055
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29620
- https://supportcenter.ciphertrust.com/vulnerability/IWM501-01.html