Arbitrary Mail Directory Creation and Renaming Vulnerability in MailEnable IMAP Service

Arbitrary Mail Directory Creation and Renaming Vulnerability in MailEnable IMAP Service

CVE-2005-3691 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands.

Learn more about our Web Application Penetration Testing UK.