NVD Vulnerability Detail

CVE-2006-0818

Summary	Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer before 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Windows or UNC pathname in the lang_settings parameter to mail/index.html, which is not properly sanitized by the validatefolder PHP function, possibly due to an incomplete fix for CVE-2005-4558.
Publication Date	July 21, 2006, 11:03 p.m.
Registration Date	Jan. 29, 2021, 3:32 p.m.
Last Update	Oct. 19, 2018, 1:29 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:deerfield:visnetic_mail_server:8.3.5:::::::*
cpe:2.3:a:icewarp:web_mail:5.6.0:::::::*
cpe:2.3:a:merak:mail_server:8.3.8r::windows:::::

Related information, measures and tools

No	URL	refsource	タグ
1	http://secunia.com/advisories/18953	SECUNIA	Exploit Patch Vendor Advisory
2	http://secunia.com/advisories/18966	SECUNIA	Exploit Patch Vendor Advisory
3	http://secunia.com/secunia_research/2006-12/advisory/	MISC	Exploit Patch Vendor Advisory
4	http://secunia.com/secunia_research/2006-14/advisory/	MISC	Exploit Patch Vendor Advisory
5	http://securitytracker.com/id?1016513	SECTRACK
6	http://securitytracker.com/id?1016514	SECTRACK
7	http://www.securityfocus.com/archive/1/440297/100/0/threaded	BUGTRAQ
8	http://www.securityfocus.com/archive/1/440302/100/0/threaded	BUGTRAQ
9	http://www.securityfocus.com/bid/19002	BID	Exploit Patch
10	http://www.securityfocus.com/bid/19007	BID
11	http://www.vupen.com/english/advisories/2006/2825	VUPEN
12	https://exchange.xforce.ibmcloud.com/vulnerabilities/27780	XF

Common Vulnerabilities List

JVN Vulnerability Information

MERAK Mail Server および VisNetic MailServer における絶対パスディレクトリトラバーサルの脆弱性

Title	MERAK Mail Server および VisNetic MailServer における絶対パスディレクトリトラバーサルの脆弱性
Summary	(1) IceWarp Web Mail 以前の Windows 用の MERAK Mail Server および (2) VisNetic MailServer は、validatefolder PHP 関数が適切にサニタイズしないため、絶対パスディレクトリトラバーサルの脆弱性が存在します。本脆弱性は、CVE-2005-4558 での修正が不完全だったことによる脆弱性です。
Possible impacts	リモート認証されたユーザにより、mail/index.html への lang_settings パラメータ内の UNC またはフル Windows パス名および変更した language パラメータを介して、任意のファイルをインクルードされる可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	July 21, 2006, midnight
Registration Date	Dec. 20, 2012, 6:02 p.m.
Last Update	Dec. 20, 2012, 6:02 p.m.

Affected System

IceWarp, Inc.

web mail 5.6.1

merak

mail server

deerfield

visnetic mail server 8.5.0.5 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2006-0818	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0818
National Vulnerability Database (NVD)
2	CVE-2006-0818	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0818

ベンダー情報

No	Name	URL
deerfield
1	Download VisNetic MailServer	http://downloads.info/windows/internet/email/visnetic-mailserver.html
icewarp
2	IceWarp Mail Server 10.4.3	http://www.icewarp.com/products/icewarp_email_server_software/

Change Log

No	Changed Details	Date of change
0	[2012年12月20日] 掲載	Feb. 17, 2018, 10:37 a.m.