7 matches found
CVE-2006-2308
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the 1 CREATE, 2 SELECT, 3 DELETE, 4...
Directory traversal
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the 1 CREATE, 2 SELECT, 3 DELETE, 4...
Design/Logic Flaw
The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files...
CVE-2006-2309
The CVE-2006-2309 issue affects EServ/3.25 HTTP server where crafted requests containing dot, space, and slash characters can disclose the source code of script files. Secunia reports directory traversal and filename-extension validation flaws enabling disclosure; affected software is EServ/3 ver...
CVE-2006-2308
The CVE-2006-2308 entry affects EServ/3 IMAP service (version 3.25). The vulnerability is a directory traversal in IMAP commands (CREATE, SELECT, DELETE, RENAME, COPY, APPEND) that allows remote authenticated users to read other users’ emails and manipulate directories (create/rename/remove). Roo...
CVE-2006-2308
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the 1 CREATE, 2 SELECT, 3 DELETE, 4...
CVE-2006-2309
The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files...