Nessus Plugin #12254

Plugin Index

Note: This file has been created from a downloaded version of the Nessus Plugins from http://www.nessus.org/. Therefore, the information here can be outdated.

IMAP arbitrary file retrieval

Family:
Remote file access
Category:
attack
Copyright:
This script is Copyright (C) 2004 George A. Theall
Summary:
Checks for IMAP arbitrary file retrieval vulnerability
Version:
$Revision: 1.7 $
Cve_id:
-
Bugtraq_id:
4909
Xrefs:
-
Description:

The target is running an IMAP daemon that allows an authenticated user
to retrieve and manipulate files that would be available to that user
via a shell. If IMAP users are denied shell access, you may consider
this a vulnerability. Additional information on the issue can be
found at :

http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1

Solution : Contact your vendor for a fix.

Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.