mailing list archives
Re: Rockliffe Directory Transversal Vulnerability
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Wed, 4 Jan 2006 22:05:34 +0300
Dear Stan Bubrouski,
Yes, I wrote few tools to manage files via IMAP back in 2002:
description is here:
--Wednesday, January 4, 2006, 8:03:40 PM, you wrote to jzlatin () ramat cc:
SB> Seeing as most IMAP servers allow you to use ../../ with SELECT, etc..
SB> (think uw-imapd for example) I think I would categorize this as more
SB> of a permissions problem.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/