2006-06-02 00:00:00
flexera
PUBLISHED
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other users email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands.