• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: University Of Washington IMAP Arbitrary File Access Vulnerability

Severity: MODERATE

Description:

uw-imap is an open source Internet Message Access Protocol daemon. It is distributed and maintained by the University of Washington, and available for most operating systems including Unix, Linux, and Microsoft Windows.

A feature in the daemon may make it possible for users to gain access to unauthorized information.

By default, uw-imap allows users to view files on the system on which the daemon runs. The daemon allows users to view files that are normally readable through a shell on the system with equivalent user privileges.

In configurations where users are not authorized shell access to a system, but have a valid account from which to download mail via IMAP, a user may be able to gain access to information on the server. The feature enabled by default that allows users to view files via the IMAP daemon could result in information leakage on systems that depend on users not being able to view files on the local system.

Disabling this feature on Microsoft Windows systems may present additional problems. By design, the software does not filter the '\\' symbol.

This could result in leakage of potentially sensitive information to an unauthorized user. It should be noted that this feature is not documented in the literature distributed with the software.

Affected Products:

• HP Secure OS software for Linux 1.0.0
• RedHat Linux 6.2.0 alpha
• RedHat Linux 6.2.0 i386
• RedHat Linux 6.2.0 sparc
• RedHat Linux 7.0.0 alpha
• RedHat Linux 7.0.0 i386
• RedHat Linux 7.1.0 alpha
• RedHat Linux 7.1.0 i386
• RedHat Linux 7.1.0 ia64
• RedHat Linux 7.2.0 i386
• RedHat Linux 7.2.0 ia64
• Trustix Secure Linux 1.1.0
• Trustix Secure Linux 1.2.0
• Trustix Secure Linux 1.5.0
• Washington University wu-imapd 2001.0.0a

References:

• University of Washington: UW IMAP Server FAQ

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.