TITLE:
Macallan Mail Solution IMAP Commands Directory Traversal

SECUNIA ADVISORY ID:
SA18775

VERIFY ADVISORY:
http://secunia.com/advisories/18775/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass, Exposure of sensitive information

WHERE:
From remote

SOFTWARE:
Macallan Mail Solution 4.x
http://secunia.com/product/4469/

DESCRIPTION:
Secunia Research has discovered a vulnerability in Macallan Mail Solution, which can be exploited by malicious users to bypass certain security restrictions and to gain access to potentially sensitive information.

The vulnerability is caused due to directory traversal errors in the CREATE, SELECT, DELETE and RENAME commands of the IMAP service. This can be exploited by an authenticated user to read other users' emails, create/rename arbitrary directories on the system, and delete empty directories.

The vulnerability has been confirmed in version 4.8.03.025. Prior versions may also be affected.

SOLUTION:
Update to version 4.8.05.004.
http://macallan.club.fr/MMS/index.html

PROVIDED AND/OR DISCOVERED BY:
Secunia Research

ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2006-4/advisory/
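
The flaw class described above arises when a mailbox name supplied in CREATE, SELECT, DELETE or RENAME is turned into a filesystem path without being confined to the authenticated user's mail directory. The following Python code is an added example of that confinement check, not Secunia's or the vendor's code. It assumes mailboxes are stored as directories under a per-user root and that "/" is the hierarchy delimiter; all function and variable names are hypothetical.

```python
import os

DELIM = "/"  # assumed IMAP hierarchy delimiter
MAILBOX_ARGS = {"CREATE": 1, "SELECT": 1, "DELETE": 1, "RENAME": 2}


class MailboxNameError(ValueError):
    """Raised when a mailbox name could escape the user's mail root."""


def resolve_mailbox(user_root: str, name: str) -> str:
    """Map a client-supplied mailbox name to a directory under user_root."""
    if not name or "\x00" in name:
        raise MailboxNameError("empty name or NUL byte")
    # Backslash and colon are path syntax on Windows hosts; refuse them outright.
    if "\\" in name or ":" in name:
        raise MailboxNameError("path syntax in mailbox name")
    parts = name.split(DELIM)
    for part in parts:
        # Rejects "", ".", ".." and components with trailing dots or spaces,
        # which Windows silently strips (".. " would otherwise become "..").
        if part in ("", ".", "..") or part != part.rstrip(" ."):
            raise MailboxNameError(f"illegal component {part!r}")
    # Lexical checks are not enough if a link exists inside the mail root,
    # so compare the fully resolved target against the resolved root.
    root = os.path.realpath(user_root)
    target = os.path.realpath(os.path.join(root, *parts))
    if os.path.commonpath([root, target]) != root:
        raise MailboxNameError("resolved path leaves mail root")
    return target


def authorize(user_root: str, command: str, args: list) -> list:
    """Validate every mailbox argument of the four affected commands."""
    if MAILBOX_ARGS.get(command) != len(args):
        raise MailboxNameError("unexpected command or argument count")
    return [resolve_mailbox(user_root, arg) for arg in args]


if __name__ == "__main__":
    import tempfile
    root = tempfile.mkdtemp()  # constructed sample mail root
    for cmd, args in [("SELECT", ["INBOX/Work"]), ("RENAME", ["Old", "../bob/Old"])]:
        try:
            print(cmd, args, "->", authorize(root, cmd, args))
        except MailboxNameError as exc:
            print(cmd, args, "rejected:", exc)
```

Both arguments of RENAME are checked because the source and the destination each reach the filesystem.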