CVE-2004-2446

Description

Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors.

Affected products

• 1st_class_internet_solutions / 1st_class_mail_server4.01 – 4.01

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15812
• MISChttp://securitytracker.com/alerts/2004/Apr/1009705.html
• VENDOR_ADVISORYhttp://secunia.com/advisories/11330
• MISChttp://members.lycos.co.uk/r34ct/main/1st%20Class%20mail%20server%204.01.txt
• MISChttp://www.osvdb.org/5011
• MISChttp://www.securityfocus.com/bid/10089