Full Disclosure: Re[2]: Rockliffe Directory Transversal Vulnerability

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re[2]: Rockliffe Directory Transversal Vulnerability

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Wed, 4 Jan 2006 22:05:34 +0300

Dear Stan Bubrouski,

 Yes, I wrote few tools to manage files via IMAP back in 2002:

 http://www.security.nnov.ru/files/imaptools.tgz

 description is here:

 http://www.security.nnov.ru/news2063.html

--Wednesday, January 4, 2006, 8:03:40 PM, you wrote to jzlatin () ramat cc:

SB> Seeing as most IMAP servers allow you to use ../../ with SELECT, etc..
SB> (think uw-imapd for example) I think I would categorize this as more
SB> of a permissions problem.



-- 
~/ZARAZA
http://www.security.nnov.ru/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Rockliffe Directory Transversal Vulnerability Josh Zlatin (Jan 04)
- Re: Rockliffe Directory Transversal Vulnerability Stan Bubrouski (Jan 04)
  - Re[2]: Rockliffe Directory Transversal Vulnerability 3APA3A (Jan 04)
  - Re: Rockliffe Directory Transversal Vulnerability Josh Zlatin (Jan 05)