15 matches found
EUVD-2004-2063
Malware in sbrugna...
Macallan Mail Solution Macallan Mail Solution 2.8.4 .6 (Build 260) - Web Interface Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9646/info A vulnerability has been reported in Macallan Mail Solution that may permit remote attackers to bypass authentication for the web interface. This may be exploited by submitting a specially crafted HTTP GET reque...
Directory traversal
Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4.8.05.004 allow remote authenticated users to read e-mails of other users or create, modify, or delete directories via a .. dot dot in the argument to the 1 CREATE, 2 SELECT, 3 DELETE, or 4 RENAME...
CVE-2006-0798
Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4.8.05.004 allow remote authenticated users to read e-mails of other users or create, modify, or delete directories via a .. dot dot in the argument to the 1 CREATE, 2 SELECT, 3 DELETE, or 4 RENAME...
CVE-2006-0798
CVE-2006-0798 : Multiple directory traversal vulnerabilities in the IMAP service of Macallan Mail Solution (before 4.8.05.004) allow remote authenticated users to read emails of other users or create/modify/delete directories by sending crafted arguments to CREATE, SELECT, DELETE, or RENAME. The ...
CVE-2006-0798
Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4.8.05.004 allow remote authenticated users to read e-mails of other users or create, modify, or delete directories via a .. dot dot in the argument to the 1 CREATE, 2 SELECT, 3 DELETE, or 4 RENAME...
Macallan Mail Solution directory traversal
Directory traversal in IMAP server...
[SA18775] Macallan Mail Solution IMAP Commands Directory Traversal
TITLE: Macallan Mail Solution IMAP Commands Directory Traversal SECUNIA ADVISORY ID: SA18775 VERIFY ADVISORY: http://secunia.com/advisories/18775/ CRITICAL: Moderately critical IMPACT: Security Bypass, Exposure of sensitive information WHERE: From remote SOFTWARE: Macallan Mail Solution 4.x...
Macallan IMAP Server Multiple Traversals Arbitrary File/Directory Manipulation
The remote host is running Macallan Mail Solution, a mail server for Windows. The IMAP server bundled with the version of Macallan installed on the remote host fails to filter directory traversal sequences from mailbox names passed to the 'CREATE', 'DELETE, 'RENAME', and 'SELECT' commands. An...
CVE-2004-2071
CVE-2004-2071 affects Macallan Mail Solution 2.8.4.6 (Build 260) and possibly earlier versions. The vulnerability allows an attacker to bypass authentication in the web interface by issuing an HTTP GET request containing two slashes (//) after the server name. The affected component is the web in...
CVE-2004-2071
Macallan Mail Solution 2.8.4.6 Build 260, and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes "//" after the server name...
Macallan Mail Solution Web Interface Authentication Bypass
The remote host is running Macallan Mail Solution, a mail server POP,SMTP,HTTP for Windows. It is possible to bypass web authentication by using two slashes before the requested resource. According to the vendor, this cannot be used to perform administrative actions. %NASLMINLEVEL 70300 C Tenable...
Macallan Mail Solution < 4.1.1.0 Multiple HTTP Vulnerabilities
Binary data 2482.prm...
CVE-2004-2071
Macallan Mail Solution 2.8.4.6 Build 260, and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes "//" after the server name...
Macallan Mail Solution Macallan Mail Solution 2.8.4.6 (Build 260) - Web Interface Authentication Bypass
source: https://www.securityfocus.com/bid/9646/info A vulnerability has been reported in Macallan Mail Solution that may permit remote attackers to bypass authentication for the web interface. This may be exploited by submitting a specially crafted HTTP GET request for the administration page of...