CVE-2006-2917
Severity Score
5.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.
Vulnerabilidad de salto de directorio en el servidor IMAP en WinGate 6.1.2.1094 y 6.1.3.1096, y posiblemente otras versiones anteriores a 6.1.4 Build 1099, permite a usuarios autenticados leer el correo de otros usuarios, o realizar operaciones no autorizadas en los directorios, a través de las ordenes 1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, y (7) LIST.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-06-08 CVE Reserved
- 2006-07-10 CVE Published
- 2023-05-14 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/18908 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2006/2730 | Vdb Entry | |
| http://www.wingate.com/download.php | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/20707 | 2011-03-08 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/secunia_research/2006-48/advisory | 2011-03-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Qbik Search vendor "Qbik" | Wingate Search vendor "Qbik" for product "Wingate" | 6.1.2.1094 Search vendor "Qbik" for product "Wingate" and version "6.1.2.1094" | - |
Affected
| ||||||
| Qbik Search vendor "Qbik" | Wingate Search vendor "Qbik" for product "Wingate" | 6.1.3.1096 Search vendor "Qbik" for product "Wingate" and version "6.1.3.1096" | - |
Affected
| ||||||