SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Zimbra Collaboration mboximport Directory Traversal 2

Category: WEB-ATTACKS      

Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.

References
http://www.securityfocus.com/bid/38457

Relevant Information


© SonicWall 2020 | Privacy Policy | Conditions for use Version: 10.0