logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2005-4557

Description

dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability.


Affected Software


CPE Name Name Version
merak:mail_server merak mail server 8.3.0r
deerfield:visnetic_mail_server deerfield visnetic mail server 8.3.0_build1
icewarp:web_mail icewarp web mail 5.5.1

Related