IMAP: Multiple Command Directory Traversal
This signature detects attempts to exploit a known vulnerability against Qualcomm WorldMail IMAP Servers. Attackers, using IMAP, can send a malformed command prior to authentication. A successful attack could allow execution of arbitrary code.
Extended Description
Qualcomm Worldmail server is prone to a directory traversal vulnerability. Successful exploitation could allow an attacker to gain access to files owned by other users of the application. Sensitive information may be obtained and modified in this manner. Worldmail server version 3.0 is vulnerable; other versions may also be affected.
Affected Products
Qualcomm eudora_worldmail_server
Short Name
IMAP:EXPLOIT:CMD-DIR-TRSVR
Severity
Major
Recommended
False
Recommended Action
Drop
Category
IMAP
Keywords
CVE-2005-3189 Command Directory Multiple Traversal bid:15488
Release Date
12/05/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Qualcomm
CVSS Score
5.0