ArGoSoft Mail Server Pro IMAP RENAME Command Traversal Arbitrary Directory Creation

This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.


Synopsis :

The remote IMAP server is subject to directory traversal attacks.

Description :

The remote host is running ArGoSoft Mail Server, a messaging system
for Windows.

The IMAP server bundled with the version of ArGoSoft Mail Server
installed on the remote host fails to filter directory traversal
sequences from mailbox names passed to the 'RENAME' command. An
authenticated attacker can exploit this issue to move mailboxes to any
location on the affected system.
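A validation and log-review check for the flaw described above, as an added example that is not part of the Nessus plugin or of ArGoSoft's code: it parses IMAP RENAME commands and rejects mailbox names that would resolve outside a per-user mail root. It assumes mailbox names map to Windows filesystem paths; the function names and sample lines are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample client lines (not captured traffic).
SAMPLE_LINES = [
    'a001 LOGIN alice secret',
    'a002 RENAME Drafts Archive/2006',
    r'a003 RENAME "Sent Items" "..\\..\\outside"',
    'a004 rename Inbox/old ../../outside',
    'a005 RENAME Work C:/temp/box',
]

# A mailbox argument is a quoted string (backslash escapes) or a bare atom.
# IMAP literals ({n} syntax) are not handled in this example.
_ARG = r'("(?:[^"\\]|\\.)*"|[^\s"]+)'
_RENAME = re.compile(r'^(\S+)\s+RENAME\s+' + _ARG + r'\s+' + _ARG + r'\s*$', re.I)

def _unquote(token):
    """Strip the quotes and undo backslash escapes of a quoted string."""
    if token.startswith('"'):
        return re.sub(r'\\(.)', r'\1', token[1:-1])
    return token

def parse_rename(line):
    """Return (tag, old_name, new_name) for a RENAME command, else None."""
    m = _RENAME.match(line)
    if m is None:
        return None
    return m.group(1), _unquote(m.group(2)), _unquote(m.group(3))

def is_safe_mailbox_name(name):
    """Assumption: names become Windows paths below a per-user mail root."""
    path = PureWindowsPath(name)
    if not name or path.drive or path.root:
        return False          # empty, drive-qualified, UNC or rooted
    return '..' not in path.parts

def audit(lines):
    """List (tag, name) for every RENAME argument that fails validation."""
    findings = []
    for line in lines:
        parsed = parse_rename(line)
        if parsed:
            tag, old, new = parsed
            findings += [(tag, n) for n in (old, new) if not is_safe_mailbox_name(n)]
    return findings

if __name__ == '__main__':
    for tag, name in audit(SAMPLE_LINES):
        print(f'{tag}: rejected mailbox name {name!r}')
```

The same `is_safe_mailbox_name` test applies to both the source and destination argument, since either one is turned into a path by the server.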

See also :

http://archives.neohapsis.com/archives/bugtraq/2006-02/0439.html
http://www.argosoft.com/rootpages/mailserver/ChangeList.aspx

Solution :

Upgrade to ArGoSoft Mail Server 1.8.8.6 or later.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N)
CVSS Temporal Score : 3.8
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 20977 (argosoft_ms_imap_rename_dir_traversal.nasl)

Bugtraq ID: 16809

CVE ID: CVE-2006-0929
