Lucene search

PRIOn knowledge basePRION:CVE-2006-2308

HistoryJun 02, 2006 - 12:02 a.m.

Directory traversal

2006-06-0200:02:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

71.3%

JSON

Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user’s email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands.

CPENameOperatorVersion
eserveq3.0
eserveq3.25

CPE	Name	Operator	Version
	eserv	eq	3.0
	eserv	eq	3.25

References

secunia.com/advisories/20059

secunia.com/secunia_research/2006-37/advisory/

securityreason.com/securityalert/1006

www.eserv.ru/ru/news/news_detail.php?ID=235

www.securityfocus.com/archive/1/435415/100/0/threaded

www.securityfocus.com/bid/18179

www.vupen.com/english/advisories/2006/2066

exchange.xforce.ibmcloud.com/vulnerabilities/26738

6.8 Medium

AI Score

Confidence

Low

5.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

71.3%

JSON

Related for PRION:CVE-2006-2308