OSVDB ID: 22764

Title: E-Post Multiple Products IMAP LIST Command Traversal Arbitrary Directory Listing

Dates

Disclosure: Jan 25, 2006
Discovery: Jan 13, 2006
Exploit: Unknown
Solution: Unknown

Description

E-Post contains a flaw that allows a remote attacker to list arbitrary directories on the server outside of the mail directory. The issue is due to the IMAP service not properly sanitizing user input, specifically directory traversal sequences (../../) supplied in the arguments to the LIST command.
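
A containment check of the kind the description says was missing, as an added example (not E-Post code and not part of the OSVDB entry). It assumes a filesystem-backed mailbox store with a per-user mail root and "/" as the hierarchy delimiter; the function names and the /var/mail/alice path used to exercise it are hypothetical.

```python
import posixpath

WILDCARDS = ("*", "%")  # LIST wildcards defined by RFC 3501


class ListArgumentError(ValueError):
    """LIST arguments that would leave the user's mail directory."""


def resolve_list_dir(mail_root, reference, mailbox, delimiter="/"):
    """Return (directory_to_scan, pattern), confined to mail_root.

    Assumptions (not from the advisory): mailboxes map to directories
    under a per-user mail_root and the hierarchy delimiter is "/".
    """
    combined = reference + mailbox  # the server interprets both together
    # Backslash is also a path separator on Windows hosts; NUL truncates paths.
    if "\x00" in combined or "\\" in combined:
        raise ListArgumentError("forbidden character")
    if combined.startswith(delimiter):
        raise ListArgumentError("absolute name")
    parts = [p for p in combined.split(delimiter) if p]
    if any(p in (".", "..") for p in parts):
        raise ListArgumentError("traversal component")
    # Components before the first wildcard name the directory to scan;
    # without a wildcard, the last component is the name to match.
    cut = next((i for i, p in enumerate(parts)
                if any(w in p for w in WILDCARDS)), max(len(parts) - 1, 0))
    pattern = delimiter.join(parts[cut:])
    root = posixpath.normpath(mail_root)
    target = posixpath.normpath(posixpath.join(root, *parts[:cut]))
    # Second, independent check on the normalized result. A real server
    # would also resolve symlinks (os.path.realpath) before comparing.
    if posixpath.commonpath([root, target]) != root:
        raise ListArgumentError("resolved outside mail root")
    return target, pattern


def list_allowed(mail_root, reference, mailbox):
    """True if the LIST arguments stay inside mail_root."""
    try:
        resolve_list_dir(mail_root, reference, mailbox)
        return True
    except ListArgumentError:
        return False
```

Both LIST arguments are checked as one string because the reference name and the mailbox pattern together determine which directory is scanned.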

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, E-POST Inc. has released a patch to address this vulnerability.

Products

E-POST Inc.

  • E-Post Mail Server Enterprise 4.10
  • E-Post Mail Server 4.10
  • E-Post SMTP Server Enterprise 4.10
  • E-Post SMTP Server 4.10
  • SPA-PRO Mail @Solomon Enterprise 4.00
  • SPA-PRO Mail @Solomon 4.00
  • SPA-PRO SMTP @Solomon 4.00

References

Credit

  • Tan Chew Keong - vulnsecunia.com - Secunia Research


Direct URL: http://osvdb.org/22764