E-Post Multiple Product IMAP Multiple Command Traversal Arbitrary File/Dir Creation

2006-01-25T04:48:14
ID OSVDB:22765
Type osvdb
Reporter Tan Chew Keong (vuln@secunia.com)
Modified 2006-01-25T04:48:14

Description

Vulnerability Description

E-Post contains a flaw that allows a remote attacker to create ".MSG" files and arbitrary directories outside of the mail directory. The IMAP service does not properly sanitize user input: directory traversal sequences (../../) supplied in the arguments to the APPEND, COPY, and RENAME commands are not rejected.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, E-POST Inc. has released a patch to address this vulnerability.
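The containment check whose absence the description above points to, as an added example (not E-Post's code and not the vendor patch). The function names, the "/" hierarchy delimiter, the mail root path, and the sample commands are assumptions constructed for illustration; the mailbox argument positions follow the IMAP4rev1 command syntax.

```python
import os

# Mailbox argument positions after the command word (IMAP4rev1 syntax):
#   APPEND mailbox ...   COPY sequence-set mailbox   RENAME old new
MAILBOX_ARGS = {"APPEND": (0,), "COPY": (1,), "RENAME": (0, 1)}


class MailboxNameError(ValueError):
    """Raised when a mailbox argument must be refused with a tagged NO."""


def resolve_mailbox(mail_root, name):
    """Map an IMAP mailbox name to a directory strictly inside mail_root."""
    # Backslash and colon are refused because a Windows host would treat
    # them as a path separator and a drive/stream marker (assumption).
    if not name or any(c in name for c in "\x00\\:"):
        raise MailboxNameError("illegal character in mailbox name")
    parts = name.split("/")  # assumed hierarchy delimiter
    if any(p in ("", ".", "..") for p in parts):
        raise MailboxNameError("empty or relative path component")
    root = os.path.realpath(mail_root)
    candidate = os.path.realpath(os.path.join(root, *parts))
    # Defence in depth: a symlink below the root must not escape it either.
    if candidate == root or os.path.commonpath([root, candidate]) != root:
        raise MailboxNameError("mailbox resolves outside the mail directory")
    return candidate


def check_command(mail_root, verb, args):
    """Resolve every mailbox argument of one command, or raise."""
    return [resolve_mailbox(mail_root, args[i]) for i in MAILBOX_ARGS[verb.upper()]]


def filter_session(mail_root, commands):
    """Return 'OK' or 'NO' for each (verb, args) pair in a session."""
    results = []
    for verb, args in commands:
        try:
            check_command(mail_root, verb, args)
            results.append("OK")
        except MailboxNameError:
            results.append("NO")
    return results


# Constructed sample session; not taken from the advisory.
SAMPLE = [("APPEND", ["Sent/2006", "{310}"]), ("APPEND", ["../../outside", "{310}"]),
          ("COPY", ["1:4", "Archive"]), ("COPY", ["1:4", "..\\..\\outside"]),
          ("RENAME", ["Drafts", "Work/../../outside"])]
```

The check runs before any file or directory is created, so a refused name leaves nothing on disk; RENAME validates both the source and the destination name.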

References:

Vendor URL: http://www.e-postinc.jp/
Secunia Advisory ID: 18480
Related OSVDB ID: 22762
Related OSVDB ID: 22763
Related OSVDB ID: 22764
Related OSVDB ID: 22761
Related OSVDB ID: 22766
Other Advisory URL: http://secunia.com/secunia_research/2006-1/advisory/
ISS X-Force ID: 24336
FrSIRT Advisory: ADV-2006-0318
CVE-2006-0448
Bugtraq ID: 16379