CVE-2005-3691 Information

Description

Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands.

Reference

http://secunia.com/advisories/17633 http://secunia.com/secunia_research/2005-59/advisory/ http://securitytracker.com/id?1015239 http://www.mailenable.com/hotfix/ http://www.securityfocus.com/bid/15494 http://www.vupen.com/english/advisories/2005/2484