Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re[2]: Rockliffe Directory Transversal Vulnerability
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Wed, 4 Jan 2006 22:05:34 +0300

Dear Stan Bubrouski,

 Yes, I wrote few tools to manage files via IMAP back in 2002:

 http://www.security.nnov.ru/files/imaptools.tgz

 description is here:

 http://www.security.nnov.ru/news2063.html

--Wednesday, January 4, 2006, 8:03:40 PM, you wrote to jzlatin () ramat cc:

SB> Seeing as most IMAP servers allow you to use ../../ with SELECT, etc..
SB> (think uw-imapd for example) I think I would categorize this as more
SB> of a permissions problem.



-- 
~/ZARAZA
http://www.security.nnov.ru/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]