Lucene search

MitreCVE-2004-2446

HistoryAug 20, 2005 - 4:00 a.m.

CVE-2004-2446

2005-08-2004:00:00

mitre

web.nvd.nist.gov

cve

2004

2446

directory traversal

vulnerability

1st class mail server

remote attackers

arbitrary files

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.033

Percentile

91.4%

JSON

Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a “…” (dot dot) sequences in unknown vectors.

Affected configurations

Nvd

Node

1st_class_internet_solutions1st_class_mail_serverMatch4.01

VendorProductVersionCPE
1st_class_internet_solutions1st_class_mail_server4.01cpe:2.3:a:1st_class_internet_solutions:1st_class_mail_server:4.01:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
1st_class_internet_solutions	1st_class_mail_server	4.01	cpe:2.3:a:1st_class_internet_solutions:1st_class_mail_server:4.01:::::::*

References

members.lycos.co.uk/r34ct/main/1st%20Class%20mail%20server%204.01.txt

secunia.com/advisories/11330

securitytracker.com/alerts/2004/Apr/1009705.html

www.osvdb.org/5011

www.securityfocus.com/bid/10089

exchange.xforce.ibmcloud.com/vulnerabilities/15812

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.033

Percentile

91.4%

JSON

Related for CVE-2004-2446