CVE-2006-0818 - Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with bef

CVE-2006-0818

Summary

Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer before 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Windows or UNC pathname in the lang_settings parameter to mail/index.html, which is not properly sanitized by the validatefolder PHP function, possibly due to an incomplete fix for CVE-2005-4558.

References

Vulnerable Configurations

cpe:2.3:a:deerfield:visnetic_mail_server:8.3.5:*:*:*:*:*:*:*
cpe:2.3:a:deerfield:visnetic_mail_server:8.3.5:*:*:*:*:*:*:*
cpe:2.3:a:icewarp:web_mail:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:icewarp:web_mail:5.6.0:*:*:*:*:*:*:*
cpe:2.3:a:merak:mail_server:8.3.8r:*:windows:*:*:*:*:*
cpe:2.3:a:merak:mail_server:8.3.8r:*:windows:*:*:*:*:*

CVSS

Base:	4.0 (as of 18-10-2018 - 16:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:P/A:N

refmap via4

bid	19002 19007
bugtraq	20060717 Secunia Research: IceWarp Web Mail Two File InclusionVulnerabilities 20060717 Secunia Research: VisNetic Mail Server Two File InclusionVulnerabilities
misc	http://secunia.com/secunia_research/2006-12/advisory/ http://secunia.com/secunia_research/2006-14/advisory/
sectrack	1016513 1016514
secunia	18953 18966
vupen	ADV-2006-2825
xf	visnetic-language-file-include(27780)

Last major update

18-10-2018 - 16:29

Published

21-07-2006 - 14:03

Last modified

18-10-2018 - 16:29