CVE-2006-2308

2006-06-02T00:02:00
ID CVE-2006-2308
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:39:00

Description

Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands.