Nessus Plugin #12254
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
IMAP arbitrary file retrieval
- Family:
- Remote file access
- Category:
- attack
- Copyright:
- This script is Copyright (C) 2004 George A. Theall
- Summary:
- Checks for IMAP arbitrary file retrieval vulnerability
- Version:
- $Revision: 1.7 $
- Cve_id:
- -
- Bugtraq_id:
- 4909
- Xrefs:
- -
- Description:
The target is running an IMAP daemon that allows an authenticated user
to retrieve and manipulate files that would be available to that user
via a shell. If IMAP users are denied shell access, you may consider
this a vulnerability. Additional information on the issue can be
found at :
http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1
Solution : Contact your vendor for a fix.
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.