ipop2d fold Command Arbitrary File Access

medium Nessus Plugin ID 10469

Synopsis

The remote POP2 server is affected by an information disclosure vulnerability.

Description

The remote pop2 server allows the reading of arbitrary files for authenticated users, using the 'fold' command.

Solution

There is no known solution at this time.

Plugin Details

Severity: Medium

ID: 10469

File Name: ipop2d_readfiles.nasl

Version: 1.25

Type: remote

Family: Misc.

Published: 8/2/2000

Updated: 8/7/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Vulnerability Publication Date: 7/14/2000

Reference Information

BID: 1484