Etype Eserv Multiple Input Validation Vulnerabilities

Eserv is prone to multiple input-validation vulnerabilities. These issues include directory-traversal and code-disclosure vulnerabilities.

An attacker can exploit these issues to read other users' email messages, create and rename directories, delete arbitrary empty directories, and access the source code of arbitrary script files.

These issues affect version 3.25; other versions may also be vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus