Back to search
CVE-2005-0313
Published: Feb 10, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote attackers to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary files via certain parameters to download.php, and remote authenticated users to read, create, or delete arbitrary directories and files via the IMAP commands (3) CREATE, (4) EXAMINE, (5) SELECT, or (6) DELETE.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
magic-winmail-command-directory-traversal(19114)
vdb-entry
x_refsource_XF
12388
vdb-entry
x_refsource_BID
1013017
vdb-entry
x_refsource_SECTRACK
20050127 [SIG^2 G-TEC] Magic Winmail Server v4.0 Multiple Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
14053
third-party-advisory
x_refsource_SECUNIA
magicwinmail-uploadphp-file-upload(19108)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now