• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Endymion Sake Mail Null Character File Disclosure Vulnerability

Endymion Sake Mail is a webmail servlet, written in Java. It will run on most Unix and Linux variants, in addition to Microsoft Windows operating systems.

Endymion Sake Mail is prone to directory traversal attacks, potentially disclosing arbitrary web-readable files to remote attackers. Successful exploitation entails crafting a malicious web request, targetting an arbitrary web-readable file. The malicious request will include dot-dot-slash (../) sequences and a trailing null character (%00).

This issue may cause sensitive information to be disclosed to remote attackers.