|
Family: Remote file access --> Category: attack
IMAP arbitrary file retrieval Vulnerability Scan
Vulnerability Scan Summary Checks for IMAP arbitrary file retrieval vulnerability
Detailed Explanation for this Vulnerability Test
The target is running an IMAP daemon that allows an authenticated user
to retrieve and manipulate files that would be available to that user
via a shell. If IMAP users are denied shell access, you may consider
this a vulnerability.
See also : http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1
Solution : Contact your vendor for a fix.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|