CVE-2005-1283

Description

Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367.

Affected products

• argosoft / argosoft_mail_server1.8.7.6 – 1.8.7.6

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/20229
• MAILING_LISThttp://marc.info/?l=bugtraq&m=111419001527077&w=2
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/20226
• MISChttp://www.osvdb.org/15823
• MISChttp://www.osvdb.org/15821