• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

ArGoSoft Mail Server Pro IMAP Server Remote Directory Traversal Vulnerability

The ArGoSoft Mail Server Pro IMAP service is susceptible to a remote directory-traversal vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input.

This issue allows remote, authenticated attackers to create and possibly modify arbitrary files with the privileges of the server process. Since the server process requires elevated privileges to listen on the IMAP TCP port, attackers may likely be able to overwrite or modify any file with SYSTEM-level privileges.

Version 1.8.8.1 is vulnerable to this issue; other versions may also be affected.