Lucene search

MitreCVE-2006-0929

HistoryFeb 28, 2006 - 11:02 a.m.

CVE-2006-0929

2006-02-2811:02:00

mitre

web.nvd.nist.gov

cve-2006-0929

imap server

argosoft mail server pro

directory traversal

rename command

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

AI Score

6.3

Confidence

Low

EPSS

0.004

Percentile

73.4%

JSON

Directory traversal vulnerability in the IMAP server in ArGoSoft Mail Server Pro 1.8.8.1 allows remote authenticated users to create arbitrary folders via a … (dot dot) in the RENAME command.

Affected configurations

Nvd

Node

argosoftargosoft_mail_serverMatch1.8.8.1pro

VendorProductVersionCPE
argosoftargosoft_mail_server1.8.8.1cpe:2.3:a:argosoft:argosoft_mail_server:1.8.8.1:*:pro:*:*:*:*:*

Vendor	Product	Version	CPE
argosoft	argosoft_mail_server	1.8.8.1	cpe:2.3:a:argosoft:argosoft_mail_server:1.8.8.1::pro:::::

References

secunia.com/advisories/18990

www.nsag.ru/vuln/878.html

www.securityfocus.com/archive/1/425969/100/0/threaded

www.securityfocus.com/bid/16809

www.vupen.com/english/advisories/2006/0733

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

AI Score

6.3

Confidence

Low

EPSS

0.004

Percentile

73.4%

JSON

Related for CVE-2006-0929