CVE-2008-0946

2008-02-25 22:44:00 2018-10-16 00:03:36

Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.

Vector

NETWORK

Complexity

MEDIUM

Authentication

SINGLE_INSTANCE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

NONE

Ipswitch Instant Messaging 2.0.8.1 Ipswitch IMserver 2.0.8.1

Ipswitch - Instant messaging Ipswitch - Imserver

Advisory	Patch	Confirmed	Link
			27677
			3697
			20080207 Multiple vulnerabilities in Ipswitch Instant Me...
			http://aluigi.org/poc/ipsimene.zip
			http://aluigi.altervista.org/adv/ipsimene-adv.txt

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (ID 22)

Related CAPEC 7 Relative Path Traversal (CAPEC-ID 139) Directory Traversal (CAPEC-ID 213) File System Function Injection, Content Based (CAPEC-ID 23) Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64) Manipulating Input to File System Calls (CAPEC-ID 76) Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78) Using Slashes in Alternate Encoding (CAPEC-ID 79)