CVE-2004-1670
published 2004-09-10CVE-2004-1670: Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1)…
PriorityP427high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.83%
76.2th percentile
Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| icewarp | web_mail | — | — |
| icewarp | web_mail | — | — |
| icewarp | web_mail | — | — |
| merak | mail_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CWE
Path Traversal: '....//'
mitre_cwe
CWE-34 Path Traversal: '....//'
CWE-34: Path Traversal: '....//'
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '....//' (doubled dot dot slash) sequences that can resolve to a location that is outside of that directory.
This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory. The '....//' manipulation is useful for bypassing some path traversal protection schemes. If "../" is filtered in a sequential fashion, as done by some regular expression engines, then "....//" can collapse into the "../" unsafe value (CWE-182). It could also be useful when ".." is removed, if the operating system treats "//" and "/" as equivalent.
Modes of Introduction:
Phase: Implement
CWE
Relative Path Traversal
mitre_cwe
CWE-23 Relative Path Traversal
CWE-23: Relative Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Confidentiality, Availability. Impact: Execute Unauthorized Code or Commands. The attacker may be able to create or overwrite critical files that are used to execute code, such as programs or libraries.
Scope: Integrity. Impact: Modify Files or Directories. The attacker may be able to overwrite or create critical files, such as programs, libraries, or important data. If the targeted file is used for a security mechanism, then the attacker may be able
http://marc.info/?l=bugtraq&m=109483971420067&w=2http://secunia.com/advisories/12789http://www.securityfocus.com/bid/11371https://exchange.xforce.ibmcloud.com/vulnerabilities/17314http://marc.info/?l=bugtraq&m=109483971420067&w=2http://secunia.com/advisories/12789http://www.securityfocus.com/bid/11371https://exchange.xforce.ibmcloud.com/vulnerabilities/17314
2004-09-10
Published