IMAP Arbitrary File Retrieval Network Vulnerability

Summary

The target is running an IMAP daemon that allows an authenticated user to retrieve and manipulate files that would be available to that user via a shell. If IMAP users are denied shell access, you may consider this a vulnerability.

Solution

Contact your vendor for a fix.

References

http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1

Updated on 2015-03-25

Severity

Classification

CVE CVE-2002-1782

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

OpenOffice senddoc Insecure Temporary File Creation Vulnerability (Linux)
Subversion Module File Restriction Bypass
Samba Symlink Directory Traversal Vulnerability
LDAPsearch
IMAP arbitrary file retrieval

Take action and discover your vulnerabilities