Security Advisory
CVE-2006-2308
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other users email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands.