CVE-2006-2917 Information

Description

Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096 and possibly other versions before 6.1.4 Build 1099 allows remote authenticated users to read email of other users or perform unauthorized operations on directories via the (1) CREATE (2) SELECT (3) DELETE (4) RENAME (5) COPY (6) APPEND and (7) LIST commands.

Reference

http://secunia.com/advisories/20707 http://secunia.com/secunia_research/2006-48/advisory/ http://www.securityfocus.com/bid/18908 http://www.vupen.com/english/advisories/2006/2730 http://www.wingate.com/download.php