Signature Detail
Short Name |
IMAP:EXPLOIT:CMD-DIR-TRSVR |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
IMAP |
Keywords |
Multiple Command Directory Traversal |
Release Date |
2005/12/05 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
IMAP: Multiple Command Directory Traversal
This signature detects attempts to exploit a known vulnerability against Qualcomm WorldMail IMAP Servers. Attackers, using IMAP, can send a malformed command prior to authentication. A successful attack could allow execution of arbitrary code.
Extended Description
Qualcomm Worldmail server is prone to a directory traversal vulnerability. Successful exploitation could allow an attacker to gain access to files owned by other users of the application. Sensitive information may be obtained and modified in this manner. Worldmail server version 3.0 is vulnerable; other versions may also be affected.
Affected Products
- Qualcomm Eudora WorldMail Server 3.0.0
References
- BugTraq: 15488
- CVE: CVE-2005-3189