Lucene search

[email protected]CVE-2006-0929

HistoryFeb 28, 2006 - 11:02 a.m.

CVE-2006-0929

2006-02-2811:02:00

[email protected]

web.nvd.nist.gov

cve-2006-0929

imap server

argosoft mail server pro

directory traversal

rename command

security vulnerability

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON

Directory traversal vulnerability in the IMAP server in ArGoSoft Mail Server Pro 1.8.8.1 allows remote authenticated users to create arbitrary folders via a … (dot dot) in the RENAME command.

Affected configurations

NVD

Node

argosoftargosoft_mail_serverMatch1.8.8.1pro

CPENameOperatorVersion
argosoft:argosoft_mail_serverargosoft argosoft mail servereq1.8.8.1

CPE	Name	Operator	Version
argosoft:argosoft_mail_server	argosoft argosoft mail server	eq	1.8.8.1

References

secunia.com/advisories/18990

www.nsag.ru/vuln/878.html

www.securityfocus.com/archive/1/425969/100/0/threaded

www.securityfocus.com/bid/16809

www.vupen.com/english/advisories/2006/0733

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON

Related for CVE-2006-0929

nessus1 prion1 cvelist1 nvd1