[Full-disclosure] Rockliffe Directory Transversal Vulnerability
3APA3A
3APA3A at SECURITY.NNOV.RU
Wed Jan 4 19:05:34 GMT 2006
Dear Stan Bubrouski,
Yes, I wrote few tools to manage files via IMAP back in 2002:
http://www.security.nnov.ru/files/imaptools.tgz
description is here:
http://www.security.nnov.ru/news2063.html
--Wednesday, January 4, 2006, 8:03:40 PM, you wrote to jzlatin at ramat.cc:
SB> Seeing as most IMAP servers allow you to use ../../ with SELECT, etc..
SB> (think uw-imapd for example) I think I would categorize this as more
SB> of a permissions problem.
--
~/ZARAZA
http://www.security.nnov.ru/
Full-Disclosure is hosted and sponsored by Secunia.