MDaemon 8.0 - Content Filter Directory Traversal
| EKU-ID: 31374 | CVE: OSVDB-18348 | OSVDB-ID: |
| Author: Tan Chew Keong | Published: 2005-07-27 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31374 | CVE: OSVDB-18348 | OSVDB-ID: |
| Author: Tan Chew Keong | Published: 2005-07-27 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/14400/info MDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input. Failure to sanitize the filename and path may result in compromise of the file system outside of the application's quarantine directory. The following email attachment filename example was provided: '../../../../../file.exe'